ID CVE-2005-1309
Summary Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text.
References
Vulnerable Configurations
  • cpe:2.3:a:eaden_mckee:bblog:0.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:eaden_mckee:bblog:0.7.4:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 05-09-2008 - 20:48)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
misc http://sourceforge.net/tracker/index.php?func=detail&aid=1188735&group_id=81992&atid=564683
osvdb
  • 15754
  • 15755
sectrack 1013811
Last major update 05-09-2008 - 20:48
Published 02-05-2005 - 04:00
Last modified 05-09-2008 - 20:48
Back to Top