CVE-2006-0735

Name of the Vulnerable Software and Affected Versions M. Blom HTML::BBCode version 1.04 and earlier My Blog versions prior to 1.65

Description The issue allows remote attackers to inject arbitrary Javascript via a javascript URI in an img or url BBcode tag, which can lead to cross-site scripting (XSS) attacks.

Recommendations For M. Blom HTML::BBCode version 1.04 and earlier, consider disabling the use of javascript URIs in BBcode tags until a patch is available. For My Blog versions prior to 1.65, restrict the use of img and url BBcode tags to minimize the risk of exploitation.