A problem with IU BLog Comment Form could allow remote users to execute arbitrary code in the context of the web site hosting IU BLog. The problem occurs due to the lack of sanitization performed on encoded character representations of HTML tags. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. Other attacks are also possible.
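The failure mode described above, as an added example that is not IU BLog's code: a filter that strips literal tags before the input is decoded lets encoded tags through, while decoding to a stable form first and escaping at output time does not. The function names, the use of percent-encoding and HTML entities as the "encoded character representations", and the sample comments are assumptions made for illustration.

```python
import html
import re
from urllib.parse import unquote

TAG_RE = re.compile(r"<[^>]*>")


def naive_store(comment: str) -> str:
    """Weak pattern (hypothetical): strip literal tags, decode afterwards."""
    stripped = TAG_RE.sub("", comment)  # only ever sees a literal '<...>'
    return unquote(stripped)            # decoding re-creates the tag


def canonicalize(comment: str, max_rounds: int = 5) -> str:
    """Decode percent-encoding and HTML entities until the text is stable."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote(comment))
        if decoded == comment:
            return comment
        comment = decoded
    raise ValueError("comment is encoded too deeply; rejecting")


def safe_render(comment: str) -> str:
    """Hardened pattern: canonicalize first, then escape at output time."""
    return html.escape(canonicalize(comment), quote=True)


# Constructed sample comments, using a harmless <b> tag.
SAMPLES = [
    "<b>hi</b>",                  # literal tag
    "%3Cb%3Ehi%3C/b%3E",          # percent-encoded
    "&lt;b&gt;hi&lt;/b&gt;",      # HTML entities
    "%253Cb%253Ehi%253C/b%253E",  # double percent-encoded
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:32} naive={naive_store(s)!r:14} safe={safe_render(s)!r}")
```
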