CVE-2011-1953

Post Revolution <0.8.0c-2 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in common.php in Post Revolution before 0.8.0c-2 allow remote attackers to inject arbitrary web script or HTML via an attribute of a (1) P, a (2) STRONG, a (3) A, a (4) EM, a (5) I, a (6) IMG, a (7) LI, an (8) OL, a (9) VIDEO, or a (10) BLOCKQUOTE element.

References (5)

Scores

EPSS 0.0037
EPSS Percentile 58.2%

Classification

CWE
CWE-79
Status published

Affected Products (13)

postrev/post_revolution < 0.8.0c
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
postrev/post_revolution
n/a/n/a

Timeline

Published Jun 06, 2011
Tracked Since Feb 18, 2026