myBloggie <= 2.1.3 XSS Discovered by: Nomenumbra Date: 6/4/2006 impact:moderate (privilege escalation,possible defacement) MyBloggie versions 2.1.3 and below are vulnerable to XSS injection in the image BBcode as follows: [img]javascript:alert('xss')[/img] Nomenumbra/[0x4F4C]