BLOG:CMS Multiple Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

BLOG:CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. BLOG:CMS 4.2.1.f is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://blogcms.com/
http://www.securityfocus.com/bid/48132

Updated on 2017-03-28

Severity

Classification

CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Tiles Multiple XSS Vulnerability
Apache Tomcat SecurityConstraints Security Bypass Vulnerability
Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
Adobe JRun Management Console Multiple Vulnerabilities
11in1 Cross Site Request Forgery and Local File Include Vulnerabilities

Take action and discover your vulnerabilities