Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 allows remote attackers to inject arbitrary web script or HTML, probably via vectors related to a certain data2 array element.
References 6 Total
- secunia.com: 25308 third-party-advisory
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegister.php?r1=127&r2=133
- osvdb.org: 36076 vdb-entry
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegister.php?view=log
- http://sourceforge.net/project/shownotes.php?release_id=509254
- exchange.xforce.ibmcloud.com: wikyblog-unspecified-xss(34373) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- secunia.com: 25308 third-party-advisoryx_transferred
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegister.php?r1=127&r2=133 x_transferred
- osvdb.org: 36076 vdb-entryx_transferred
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegister.php?view=log x_transferred
- http://sourceforge.net/project/shownotes.php?release_id=509254 x_transferred
- exchange.xforce.ibmcloud.com: wikyblog-unspecified-xss(34373) vdb-entryx_transferred