Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-53qx-g7v7-2hxp

Опубликовано: 01 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 allows remote attackers to inject arbitrary web script or HTML via the "From: part of the comment post," probably involving the nickname parameter to previewcomment.php.

Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 allows remote attackers to inject arbitrary web script or HTML via the "From: part of the comment post," probably involving the nickname parameter to previewcomment.php.

Ссылки

EPSS

Процентиль: 67%
0.00527
Низкий

CVE ID

CVE-2006-4090

Связанные уязвимости

nvd логотип

CVE-2006-4090

nvd
больше 19 лет назад

Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 allows remote attackers to inject arbitrary web script or HTML via the "From: part of the comment post," probably involving the nickname parameter to previewcomment.php.

EPSS

Процентиль: 67%
0.00527
Низкий

CVE ID

CVE-2006-4090