Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and previous versions, and 1.3.11sr6 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors when validating comments in (1) lib-comment.php (1.4.0sr4) or (2) comment.php (0.3.11sr6).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
geeklog geeklog 1.3.11 |
||
geeklog geeklog 1.4.0 |