Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, or the (2) search parameter or (3) theme cookie to (b) recherche.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jblog jblog 1.0 |