Lucene search

K
cvelistDebianCVELIST:CVE-2016-5834
HistoryJun 29, 2016 - 2:00 p.m.

CVE-2016-5834

2016-06-2914:00:00
debian
www.cve.org

6.2 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.0%

Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833.

6.2 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.0%