CVE-2006-7002

Name of the Vulnerable Software and Affected Versions Wheatblog (wB) version 1.1

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the Email field in the add comment.php file.

Recommendations For Wheatblog (wB) version 1.1, consider restricting access to the add comment.php file or validating and sanitizing user input in the Email field to prevent XSS attacks. As a temporary workaround, consider disabling the Email field in the add comment.php file until a patch is available.