Описание
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| wordpress | fixed | 4.7.3+dfsg-1 | package | |
| wordpress | not-affected | jessie | package | |
| wordpress | not-affected | wheezy | package |
Примечания
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
https://github.com/WordPress/WordPress/commit/9092fd01e1f452f37c313d38b18f9fe6907541f9
EPSS
Процентиль: 90%
0.05492
Низкий
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 8 лет назад
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.
CVSS3: 6.1
nvd
больше 8 лет назад
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.
CVSS3: 6.1
github
около 3 лет назад
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.
EPSS
Процентиль: 90%
0.05492
Низкий