Unrated severityNVD Advisory· Published Oct 8, 2009· Updated Jun 16, 2026
CVE-2009-3594
CVE-2009-3594
Description
Cross-site scripting (XSS) vulnerability in bpost.php in BLOB Blog System before 1.2 allows remote attackers to inject arbitrary web script or HTML via the postid parameter.
Affected products
4cpe:2.3:a:blob:blog_system:1.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:blob:blog_system:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:blob:blog_system:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:blob:blog_system:1.1.1:*:*:*:*:*:*:*
- (no CPE)range: <1.2
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.