From: SK
To: moderators[at]osvdb.org
Date: Tue, 1 Apr 2008 12:40:33 -0400
Subject: [OSVDB Mods] [New Vulnerability]

Hi,

 The software .NET BlogEngine- http://www.dotnetblogengine.net/ has an
XSS vulnerability within the search page (all versions I believe).

 Here's a quick example -
http://[redacted]/blog/search.aspx?q="><script>alert('ImBeded%20JS')</script>

 Thanks, keep up the good work,
 SK