Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote malicious users to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
a.kulikov interra blog machine 1.84 |