Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Ar-blog |
Ar-blog |
5.2 |
5.2 |
References