Summary: | <www-apps/wordpress-2.8.2 XSS Vulnerability in Comment author URLs (CVE-2009-2851) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | web-apps |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://wordpress.org/development/2009/07/wordpress-2-8-2/ | ||
Whiteboard: | ~4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Jeroen Roovers (RETIRED)
2009-07-20 18:22:44 UTC
2.8.2 in CVS. Changeset: http://core.trac.wordpress.org/changeset?new=11730%40branches&old=11701%40branches No further references available atm. And thanks for the uberfast bump. CVE-2009-2851 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2851): Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL. |