Description
Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function.
Exploits
215992002-07-08remoteWindows
Working Resources BadBlue 1.7.3 - 'cleanSearchString()' Cross-Site Scripting
By Matthew Murphy
References
cve@mitre.org
http://online.securityfocus.com/archive/1/281141cve@mitre.org
http://www.securityfocus.com/bid/5179af854a3a-2127-422b-91ae-364da2661108
http://online.securityfocus.com/archive/1/281141af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/5179af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/9514