Lucene search
N/APATCHSTACK:B103244988F55A2DB368066013A31C7AHistoryNov 29, 2017 - 12:00 a.m.
WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
2017-11-2900:00:00
N/A
patchstack.com
74
0.001 Low
EPSS
Percentile
41.3%
The attributes of enclosures are not correctly escaped in RSS and Atom feeds in wp-includes/feed.php file, which might allow an attacker to exploit XSS via a crafted URL.
Solution
Update WordPress to v4.9.1.
Related
wpvulndb
wpvulndb
WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
2017-11-29 00:00:00
ubuntucve
ubuntucve
CVE-2017-17094
2017-12-02 00:00:00
prion
prion
Cross site scripting
2017-12-02 06:29:00
nvd
nvd
CVE-2017-17094
2017-12-02 06:29:00
cvelist
cvelist
CVE-2017-17094
2017-12-02 06:00:00
debiancve
debiancve
CVE-2017-17094
2017-12-02 06:29:00
cve
cve
CVE-2017-17094
2017-12-02 06:29:00
veracode
veracode
Cross-site Scripting (XSS)
2017-12-04 04:24:03
osv
osv
CVE-2017-17094
2017-12-02 06:29:00
wordpress - security update
2017-12-21 00:00:00
wordpress - security update
2018-01-17 00:00:00
openvas
openvas
WordPress < 4.9.1 Multiple Vulnerabilities - Linux
2017-12-04 00:00:00
WordPress < 4.9.1 Multiple Vulnerabilities - Windows
2017-12-04 00:00:00
Debian: Security Advisory (DLA-1216-1)
2023-03-08 00:00:00
nessus
nessus
Debian DLA-1216-1 : wordpress security update
2017-12-26 00:00:00
WordPress < 4.9.1 Multiple Vulnerabilities
2017-12-04 00:00:00
Debian DSA-4090-1 : wordpress - security update
2018-01-18 00:00:00
debian
debian
[SECURITY] [DLA 1216-1] wordpress security update
2017-12-21 20:10:37
[SECURITY] [DSA 4090-1] wordpress security update
2018-01-17 13:40:59
[SECURITY] [DSA 4090-1] wordpress security update
2018-01-17 13:40:59