jeffchannell.com

Textpattern 4.0.8 Textile XSS Vulnerability

Posted in PHP
2009-08-03 02:03:31 +0000 UTC
Textpattern 4.0.8, a PHP based CMS, has a unique approach to allowing user styled input: Textile. This BBCode-type markup allows users to easily style comments. It is also vulnerable to XSS.