Lucene search

NacinPATCHSTACK:02DE18B5C71723730C38440661E98D21

HistoryJan 20, 2014 - 12:00 a.m.

WordPress <= 3.0.1 - Multiple XSS

2014-01-2000:00:00

nacin

patchstack.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

JSON

Because of these vulnerabilities, remote servers can inject arbitrary web script or HTML by providing a crafted error message for a FTP or SSH connection attempt.

Solution

           Update WordPress.

CPENameOperatorVersion
wordpressle3.0.1

CPE	Name	Operator	Version
	wordpress	le	3.0.1

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5294

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

JSON

Related for PATCHSTACK:02DE18B5C71723730C38440661E98D21