CVE-2017-9063

Опубликовано: 18 мая 2017

Источник: debian

EPSS Низкий

Описание

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

Пакет	Статус	Версия исправления	Релиз	Тип
wordpress	fixed	4.7.5+dfsg-1		package

https://wordpress.org/news/2017/05/wordpress-4-7-5/
https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3

EPSS

Процентиль: 80%

0.01449

Низкий

CVE-2017-9063

CVSS3: 6.1

ubuntu

больше 8 лет назад

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

CVE-2017-9063

CVSS3: 6.1

nvd

больше 8 лет назад

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

GHSA-8c9g-j366-5fcx

CVSS3: 6.1

github

больше 3 лет назад

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

EPSS

Процентиль: 80%

0.01449

Низкий