Описание
Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file.
Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40513
- http://secunia.com/advisories/28968
- http://securityreason.com/securityalert/3674
- http://urbangiraffe.com/tracker/issues/show/60
- http://www.securityfocus.com/archive/1/488109/100/0/threaded
- http://www.securityfocus.com/bid/27791
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file.