myBloggie <= 2.1.3 XSS

Discovered by: Nomenumbra

Date: 6/4/2006

impact:moderate (privilege escalation,possible defacement)

MyBloggie versions 2.1.3 and below are vulnerable to XSS injection in the

image BBcode as follows:

[img]javascript:alert('xss')[/img]

Nomenumbra/[0x4F4C]