BLOG:CMS Multiple Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

BLOG:CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. BLOG:CMS 4.2.1.f is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://blogcms.com/
http://www.securityfocus.com/bid/48132

Updated on 2017-03-28

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
AdaptCMS 'init.php' Remote File Include Vulnerability
Apache Tomcat Login Constraints Security Bypass Vulnerability
Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
Adobe ColdFusion HTTP Response Splitting Vulnerability

Take action and discover your vulnerabilities