CVE-2016-6634

Опубликовано: 07 авг. 2016

Источник: debian

Описание

Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wordpress	fixed	4.5+dfsg-1		package

Примечания

http://codex.wordpress.org/Version_4.5
Fixed by: https://core.trac.wordpress.org/changeset/37124
Fixed by: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9

Связанные уязвимости

CVE-2016-6634

CVSS3: 6.1

ubuntu

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2016-6634

CVSS3: 6.1

nvd

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

GHSA-h2q7-xm8h-x2gw

CVSS3: 6.1

github

около 3 лет назад

Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.