Re: Zoomblog HTML Injection Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Zoomblog HTML Injection Vulnerability
From: RBA <rba@xxxxxxxxxxx>
Date: Mon, 07 Nov 2005 02:34:17 -0800
User-agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)

> Zoomblog is prone to HTML injection attacks. It is possible for a
> malicious Zoomblog user to inject hostile HTML and script code into
> the commentary via form fields.

This bug was corrected on Nov.4th.

Also, the "Zoomblog <IMG> BBCode Tag JavaScript Injection Vulnerability"was corrected on Nov.5th.


Regards,
Rogelio
http://www.zoomblog.com/

Prev by Date: [ GLSA 200511-05 ] GNUMP3d: Directory traversal and XSS vulnerabilities
Next by Date: [SECURITY] [DSA 885-1] New OpenVPN packages fix several vulnerabilities
Previous by thread: Zoomblog HTML Injection Vulnerability
Next by thread: Gallery_v2.4 SQL Injection
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux