Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and previous versions, as used in products such as My Blog prior to 1.65, allows remote malicious users to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
fuzzymonkey my blog 1.31 |
||
fuzzymonkey my blog 1.4 |
||
fuzzymonkey my blog 1.63 |
||
fuzzymonkey my blog 1.64 |
||
fuzzymonkey my blog 1.23 |
||
fuzzymonkey my blog 1.3 |
||
fuzzymonkey my blog 1.61 |
||
fuzzymonkey my blog 1.62 |
||
fuzzymonkey my blog 1.21 |
||
fuzzymonkey my blog 1.22 |
||
fuzzymonkey my blog 1.52 |
||
fuzzymonkey my blog 1.6 |
||
fuzzymonkey my blog 1.0 |
||
fuzzymonkey my blog 1.2 |
||
fuzzymonkey my blog 1.5 |
||
fuzzymonkey my blog 1.51 |
||
m blom html-bbcode 1.03 |
||
m blom html-bbcode 1.04 |
Vulmon