Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote malicious users to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lifetype lifetype 1.2.8 |