|
|
CVE Reference: CVE-2006-6808 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-6808 |
|
|
Description: Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-admin/admin-functions.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/31133 SAID Secunia Advisory: SA23587 Secunia Advisory: SA23741 MISC http://michaeldaw.org/ GENTOO http://security.gentoo.org/glsa/glsa-200701-10.xml FULLDISC http://marc.theaimsgroup.com/?l=full-disclosure&m=116722128631087&w=2 CONFIRM http://trac.wordpress.org/changeset/4665 BID 21782 |
|
| Return to the previous page. |
