CVE-2011-5159 Information

Description

Cross-site scripting (XSS) vulnerability in admin/configuration.php in Geeklog before 1.7.1sr1 allows remote attackers to inject arbitrary web script or HTML via the sub_group parameter a different vulnerability than CVE-2011-4942.

Reference

http://secunia.com/advisories/42775 http://www.geeklog.net/article.php/geeklog-1.7.1sr1 http://www.osvdb.org/70245