myBloggie versions 2.1.3 and below suffer from cross site scripting flaws.
250ee007879282d10c62b89ebb52948f314f5586726780295ec33a3769ce53ca
myBloggie <= 2.1.3 XSS
Discovered by: Nomenumbra
Date: 6/4/2006
impact:moderate (privilege escalation,possible defacement)
MyBloggie versions 2.1.3 and below are vulnerable to XSS injection in the
image BBcode as follows:
[img]javascript:alert('xss')[/img]
Nomenumbra/[0x4F4C]