Описание
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| wordpress | fixed | 4.7.3+dfsg-1 | package | |
| wordpress | not-affected | wheezy | package |
Примечания
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
EPSS
Процентиль: 85%
0.02608
Низкий
Связанные уязвимости
CVSS3: 5.4
ubuntu
больше 8 лет назад
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
CVSS3: 5.4
nvd
больше 8 лет назад
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
CVSS3: 5.4
github
около 3 лет назад
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
EPSS
Процентиль: 85%
0.02608
Низкий