Lucene search
Alexander ConchaPATCHSTACK:5F68D259B420346211F71A2A6663747BHistoryMar 22, 2007 - 12:00 a.m.
WordPress <= 2.1.2 RC2 - XSS
2007-03-2200:00:00
Alexander Concha
patchstack.com
8
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Because of this vulnerability in wp-admin/vars.php, the authenticated users with theme privileges can inject arbitrary web script or HTML via the PATH_INFO.
Solution
Update the WordPress to the latest available version (at least 2.1.3).
Related
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve
prion
prion
Cross site scripting
2007-03-23 00:19:00
Cross site scripting
2007-05-11 17:19:00
Cross site scripting
2007-06-15 01:30:00
osv
osv
wordpress
2007-05-01 00:00:00
debian
debian
[SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities
2007-05-01 18:03:33
[SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities
2007-05-01 18:03:33
nessus
nessus
Debian DSA-1285-1 : wordpress - several vulnerabilities
2007-05-03 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1285-1)
2023-03-08 00:00:00
securityvulns
securityvulns
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for PATCHSTACK:5F68D259B420346211F71A2A6663747B