Vulnerabilities

CVE-2006-6808

by Fred · 28/12/2006

Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-admin/admin-functions.php.

Date published : 2006-12-28

http://www.securityfocus.com/bid/21782

http://trac.wordpress.org/changeset/4665

Similar

Tags: Cybersecurity Alert