Published:2005/04/11  Last Updated:2008/05/21

JVN#55F159B6
ppBlog cross-site scripting vulnerability

Overview

ppBlog, a weblog program written in PHP, contains a cross-site scripting vulnerability in its search form.

Products Affected

  • All versions earlier than ppBlog ver.1.4.0

Description

Impact

A remote attacker could execute a malicious script.

Solution

Vendor Status

Vendor Link
martin(ppBlog) martin(ppBlog)

References

JPCERT/CC Addendum

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia JVNDB-2005-000763

Update History