CVE-2006-0735 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-0735
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0735

Description: Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24668 SAID Secunia Advisory: SA18905 Secunia Advisory: SA18925 MISC http://menno.b10m.net/perl/HTML-BBCode/Changes http://www.evuln.com/vulns/80/summary.html http://evuln.com/vulns/79/summary.html CONFIRM http://evuln.com/vulns/80/summary.html http://fuzzymonkey.net/forum/viewtopic.php?t=856 http://menno.b10m.net/perl/dists/HTML-BBCode-1.05.tar.gz http://menno.b10m.net/perl/HTML-BBCode/Changes BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/425113/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/425087/100/0/threaded BID 16659

Return to the previous page.