PyBlosxom is prone to multiple XML-injection
vulnerabilities because the application fails to
properly sanitize user-supplied input before using it
in dynamically generated content.
Attacker-supplied XML and script code would run in the
context of the affected browser, potentially allowing
the attacker to steal cookie-based authentication credentials
or to control how the site is rendered to the user. Other attacks
are also possible.
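
The failure class described above, shown as an added example (this is not PyBlosxom's code; the renderer functions, field names and sample values are assumptions made for illustration). It builds the same XML fragment with and without output escaping, then checks whether user input changed the document's element structure:

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

# Hypothetical feed-entry renderers; names and fields are assumptions,
# not taken from PyBlosxom.
def render_entry_unsafe(title, author, link):
    # User input is interpolated verbatim, so markup in it becomes markup
    # in the generated document.
    return ('<entry><title>%s</title><author>%s</author>'
            '<link href="%s"/></entry>' % (title, author, link))

def render_entry_safe(title, author, link):
    # escape() neutralises &, < and > in text nodes; quoteattr() escapes the
    # value and picks a quote style that embedded quotes cannot terminate.
    return ('<entry><title>%s</title><author>%s</author>'
            '<link href=%s/></entry>'
            % (escape(title), escape(author), quoteattr(link)))

# Element sequence the template is supposed to produce.
EXPECTED = ["entry", "title", "author", "link"]

def structure(xml_text):
    """Return element tags in document order, or None if not well-formed."""
    try:
        return [el.tag for el in ET.fromstring(xml_text).iter()]
    except ET.ParseError:
        return None

def is_structure_intact(xml_text):
    """True only if the output has exactly the elements the template defines."""
    return structure(xml_text) == EXPECTED

# Constructed sample input: the title closes its own element and opens a new
# one; the link value breaks out of the attribute it is placed in.
SAMPLE = {
    "title": 'hello</title><injected>x</injected><title>',
    "author": "Alice",
    "link": 'http://example.test/"/><extra a="',
}

if __name__ == "__main__":
    for render in (render_entry_unsafe, render_entry_safe):
        out = render(**SAMPLE)
        print(render.__name__, structure(out), is_structure_intact(out))
```

The structure check also works as a regression test for templates: any output whose element list differs from the template's own, or that no longer parses, indicates input reached the document unescaped.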