Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) keyword parameter to search.php or (2) username parameter to comments_do.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sblog sblog 0.7.2 |