CVE-2006-4829
Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote attackers to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi, or (5) blog-category-name parameter in a blog post.
Date published : 2006-09-15
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html