b2evolution Multiple Cross-Site Scripting Vulnerabilities

b2evolution Multiple Cross-Site Scripting Vulnerabilities

It has been reported that b2evolution is prone to multiple cross-site scripting vulnerabilities that may allow a remote attacker to cause hostile HTML or script code to be rendered in the browser of a user who follows a malicious link supplied by the attacker.

Successful exploitation of these issues may allow an attacker to steak cookie-based credentials. Other attacks may also be possible.