Lucene search

[email protected]NVD:CVE-2009-1030

HistoryMar 20, 2009 - 12:30 a.m.

CVE-2009-1030

2009-03-2000:30:00

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.005

Percentile

77.1%

JSON

Cross-site scripting (XSS) vulnerability in the choose_primary_blog function in wp-includes/wpmu-functions.php in WordPress MU (WPMU) before 2.7 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.

Affected configurations

Nvd

Node

wordpresswordpress_muRange≤2.6

wordpresswordpress_muMatch1.0

wordpresswordpress_muMatch1.0rc1

wordpresswordpress_muMatch1.0rc2

wordpresswordpress_muMatch1.0rc3

wordpresswordpress_muMatch1.0rc4

wordpresswordpress_muMatch1.1

wordpresswordpress_muMatch1.1.1

wordpresswordpress_muMatch1.2

wordpresswordpress_muMatch1.2.1

wordpresswordpress_muMatch1.2.2

wordpresswordpress_muMatch1.2.3

wordpresswordpress_muMatch1.2.4

wordpresswordpress_muMatch1.2.4rc1

wordpresswordpress_muMatch1.2.5a

wordpresswordpress_muMatch1.3

wordpresswordpress_muMatch1.3.1

wordpresswordpress_muMatch1.3.2

wordpresswordpress_muMatch1.3.3

wordpresswordpress_muMatch1.5rc1

wordpresswordpress_muMatch1.5.1

wordpresswordpress_muMatch2.6.1

wordpresswordpress_muMatch2.6.2

wordpresswordpress_muMatch2.6.3

wordpresswordpress_muMatch2.6.5

wordpresswordpress_muMatch2.7

VendorProductVersionCPE
wordpresswordpress_mu*cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:*
wordpresswordpress_mu1.0cpe:2.3:a:wordpress:wordpress_mu:1.0:*:*:*:*:*:*:*
wordpresswordpress_mu1.0cpe:2.3:a:wordpress:wordpress_mu:1.0:rc1:*:*:*:*:*:*
wordpresswordpress_mu1.0cpe:2.3:a:wordpress:wordpress_mu:1.0:rc2:*:*:*:*:*:*
wordpresswordpress_mu1.0cpe:2.3:a:wordpress:wordpress_mu:1.0:rc3:*:*:*:*:*:*
wordpresswordpress_mu1.0cpe:2.3:a:wordpress:wordpress_mu:1.0:rc4:*:*:*:*:*:*
wordpresswordpress_mu1.1cpe:2.3:a:wordpress:wordpress_mu:1.1:*:*:*:*:*:*:*
wordpresswordpress_mu1.1.1cpe:2.3:a:wordpress:wordpress_mu:1.1.1:*:*:*:*:*:*:*
wordpresswordpress_mu1.2cpe:2.3:a:wordpress:wordpress_mu:1.2:*:*:*:*:*:*:*
wordpresswordpress_mu1.2.1cpe:2.3:a:wordpress:wordpress_mu:1.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wordpress	wordpress_mu	*	cpe:2.3:a:wordpress:wordpress_mu::::::::
wordpress	wordpress_mu	1.0	cpe:2.3:a:wordpress:wordpress_mu:1.0:::::::*
wordpress	wordpress_mu	1.0	cpe:2.3:a:wordpress:wordpress_mu:1.0:rc1::::::
wordpress	wordpress_mu	1.0	cpe:2.3:a:wordpress:wordpress_mu:1.0:rc2::::::
wordpress	wordpress_mu	1.0	cpe:2.3:a:wordpress:wordpress_mu:1.0:rc3::::::
wordpress	wordpress_mu	1.0	cpe:2.3:a:wordpress:wordpress_mu:1.0:rc4::::::
wordpress	wordpress_mu	1.1	cpe:2.3:a:wordpress:wordpress_mu:1.1:::::::*
wordpress	wordpress_mu	1.1.1	cpe:2.3:a:wordpress:wordpress_mu:1.1.1:::::::*
wordpress	wordpress_mu	1.2	cpe:2.3:a:wordpress:wordpress_mu:1.2:::::::*
wordpress	wordpress_mu	1.2.1	cpe:2.3:a:wordpress:wordpress_mu:1.2.1:::::::*