CVE-2011-5301 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in PHPDug 2.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the story_url parameter to add_story.php (2) the email parameter to editprofile.php (3) the title parameter to adm/content_add.php or (4) the username parameter to adm/admin_edit.php.

Reference

https://www.htbridge.com/advisory/HTB22970 Multiple cross-site scripting (XSS) vulnerabilities in PHPDug 2.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the story_url parameter to add_story.php (2) the email parameter to editprofile.php (3) the title parameter to adm/content_add.php or (4) the username parameter to adm/admin_edit.php.