Sponsored link
Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.
| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
b2evolution: cross-site scripting
| Package(s): | b2evolution | CVE #(s): | CVE-2007-0175 | |||
| Created: | May 5, 2008 | Updated: | May 7, 2008 | |||
| Description: | From the CVE entry: Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter. | |||||
| Alerts: |
| |||||
(Log in to post comments)