CVE-2006-1796

WordPress 1.5.2 (and possibly earlier than 2.0.1) is affected by an XSS in the paging links (template-functions-links.php). The vulnerability allows remote attackers to inject arbitrary script/HTML into IE users via the request URI ($_SERVER['REQUEST_URI']). Impact is cross-site scripting with pa...