Cross-site scripting (XSS) vulnerability in a-blog 1.51 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
source: wwwsecurityfocuscom/bid/21716/info
The 'a-blog' application is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site ...