Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2007-1622

Опубликовано: 23 мар. 2007
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.

РелизСтатусПримечание
dapper

ignored

end of life
devel

not-affected

edgy

ignored

end of life, was needed
feisty

not-affected

gutsy

not-affected

hardy

not-affected

intrepid

not-affected

jaunty

not-affected

karmic

not-affected

upstream

released

2.1.2

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

nvd
больше 18 лет назад

Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.

debian
больше 18 лет назад

Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordP ...

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.

4.3 Medium

CVSS2