[41064] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Zoomblog HTML Injection Vulnerability

daemon@ATHENA.MIT.EDU (RBA)
Mon Nov 7 16:49:13 2005

Message-ID: <436F2DA9.60102@eListas.com>
Date: Mon, 07 Nov 2005 02:34:17 -0800
From: RBA <rba@eListas.com>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

 > Zoomblog is prone to HTML injection attacks. It is possible for a
 > malicious Zoomblog user to inject hostile HTML and script code into
 > the commentary via form fields.

This bug was corrected on Nov.4th.

Also, the "Zoomblog <IMG> BBCode Tag JavaScript Injection Vulnerability" 
was corrected on Nov.5th.

Regards,
Rogelio
http://www.zoomblog.com/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[41064] in bugtraq

Re: Zoomblog HTML Injection Vulnerability

daemon@ATHENA.MIT.EDU (RBA)Mon Nov 7 16:49:13 2005

daemon@ATHENA.MIT.EDU (RBA)
Mon Nov 7 16:49:13 2005