CVE-2014-10007 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name (2) email or (3) subject parameter in a contact action to index.php.

Reference

http://secunia.com/advisories/56797 https://exchange.xforce.ibmcloud.com/vulnerabilities/90961 https://www.netsparker.com/critical-xss-vulnerabilities-in-maian-weblog/