FreeBSD : pyblosxom -- atom flavor multiple XML injection vulnerabilities (b07f3254-f83a-11dd-85a4-ea653f0746ab)
Medium Nessus Plugin ID 56400
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
Security Focus reports:
PyBlosxom is prone to multiple XML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied XML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Solution
Update the affected package.