Description
Cross-site scripting (XSS) vulnerability in ecrire/tools.php in DotClear 1.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified form fields on the blogroll page.
Remediation
References
Related Vulnerabilities
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9700)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1170)
WordPress Plugin ARMember-Content Restriction & Membership Security Bypass (1.4)
WordPress Plugin Multilanguage by BestWebSoft Cross-Site Scripting (1.2.1)