Описание
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| wordpress | fixed | 4.7.3+dfsg-1 | package | |
| wordpress | not-affected | wheezy | package |
Примечания
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
EPSS
Процентиль: 91%
0.06131
Низкий
Связанные уязвимости
CVSS3: 5.4
ubuntu
почти 9 лет назад
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
CVSS3: 5.4
nvd
почти 9 лет назад
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
CVSS3: 5.4
github
больше 3 лет назад
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
EPSS
Процентиль: 91%
0.06131
Низкий