Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote malicious users to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_url parameter to (b) magpie_slashbox.php and (c) simple_smarty.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
blogbuddies blogbuddies 0.3 |
||
jaws jaws 0.6.2 |
||
magpierss magpierss 7.1 |