CVE-2006-0473 Information

Description

Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog as last modified in April 2004 allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.

Reference

http://attrition.org/pipermail/vim/2006-January/000520.html http://evuln.com/vulns/51/ http://evuln.com/vulns/51/summary.html http://secunia.com/advisories/18628 http://securityreason.com/securityalert/378 http://www.osvdb.org/22753 http://www.securityfocus.com/archive/1/423167/100/0/threaded http://www.securityfocus.com/bid/16395 http://www.vupen.com/english/advisories/2006/0349 https://exchange.xforce.ibmcloud.com/vulnerabilities/24310