Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote attackers to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi, or (5) blog-category-name parameter in a blog post. This vulnerability is addressed in the following product release:
Blojsom, Blojsom, 2.32
Publication date: Sat, 16 Sep 2006 03:07:00 +0000