3 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the improper filtering of file contents used in generating reports from the general-template.md template. An attacker can execute arbitrary commands on the host by injecting malicious scripts into the inp...
WordPress Cross-Site Scripting Vulnerability (CNVD-2017-38249)
WordPress is a blogging platform developed using the PHP language. Users can set up their own websites on servers that support PHP and MySQL databases, or use WordPress as a content management system CMS. A cross-site scripting vulnerability exists in WordPress before 4.9.1. The vulnerability...
DEBIAN-CVE-2007-1894
Cross-site scripting XSS vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wptitle function...