CVE-2006-4091

Description

Multiple cross-site scripting (XSS) vulnerabilities in Archangel Management Archangel Weblog 0.90.02 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Comment section.

Affected products

• archangelmgt / weblog0.90.02 – 0.90.02

References

• MISChttp://www.securityfocus.com/archive/1/442580/100/0/threaded
• MISChttp://securitytracker.com/id?1016670
• MISChttp://www.securityfocus.com/bid/19432
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/28287
• MISChttp://securityreason.com/securityalert/1360