Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-8834

Опубликовано: 22 мая 2016
Источник: nvd
CVSS3: 6.1
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3440.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
Версия до 4.2.1 (включая)

EPSS

Процентиль: 72%
0.00748
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2015-8834

CVSS3: 6.1
ubuntu
около 9 лет назад

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3440.

debian логотип

CVE-2015-8834

CVSS3: 6.1
debian
около 9 лет назад

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in W ...

github логотип

GHSA-c2wg-9wh8-qj37

CVSS3: 6.1
github
около 3 лет назад

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3440.

EPSS

Процентиль: 72%
0.00748
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79