PluggedOut Blog Blog_Exec.PHP Cross-Site Scripting Vulnerability

PluggedOut Blog Blog_Exec.PHP Cross-Site Scripting Vulnerability

PluggedOut Blog is reported prone to a cross-site scripting vulnerability.

This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerable site. This code execution would occur in the security context of the site hosting the vulnerable software.

Exploitation could allow for theft of cookie-based authentication credentials. Other attacks are also possible.