Summary
This host is running BLOB Blog System and is prone to Cross-Site Scripting vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Impact Level: Application
Solution
Upgrade to BLOB Blog System 1.2 or later.
http://sourceforge.net/projects/blobblogsystem/files/
Insight
This flaw is due to improper validation of user supplied data passed into the 'postid' parameter in the bpost.php.
Affected
BLOB Blog System prior to 1.2 on all platforms.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-3594 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities