Cross Site Scripting (XSS) in emlog v6.0.0 allows remote malicious users to execute arbitrary code by adding a crafted script as a link to a new blog post.
emlog emlog 6.0.0