source: https://www.securityfocus.com/bid/21238/info My Little Weblog is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input to the 'action' parameter of the 'weblog.php' script. www.example.com/weblog.php?action="><