CVE-2008-7175

2009-09-0810:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.6%

JSON

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.

References

osvdb.org/51428

www.securityfocus.com/archive/1/493182/100/0/threaded