Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 through 1.1b allows remote attackers to execute arbitrary web script or HTML via the search parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Acs_blog | Asp_press | 0.8 (including) | 0.8 (including) |
| Acs_blog | Asp_press | 0.9 (including) | 0.9 (including) |
| Acs_blog | Asp_press | 1.0 (including) | 1.0 (including) |
| Acs_blog | Asp_press | 1.1b (including) | 1.1b (including) |
References
- http://marc.info/?l=bugtraq\u0026m=111108840811698\u0026w=2
- http://secunia.com/advisories/14625/
- http://securitytracker.com/id?1013470
- http://www.osvdb.org/14861
- http://www.securityfocus.com/bid/12836
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19728
- http://marc.info/?l=bugtraq\u0026m=111108840811698\u0026w=2
- http://secunia.com/advisories/14625/
- http://securitytracker.com/id?1013470
- http://www.osvdb.org/14861
- http://www.securityfocus.com/bid/12836
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19728