1
Candidate: CVE-2013-2205
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2205
5
http://codex.wordpress.org/Version_3.5.2
7
The default configuration of SWFUpload in WordPress before 3.5.2 has an
8
unrestrictive security.allowDomain setting, which allows remote attackers
9
to bypass the Same Origin Policy and conduct cross-site scripting (XSS)
10
attacks via a crafted web site.
14
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713947
20
upstream_wordpress: released (3.5.2+dfsg-1)
21
lucid_wordpress: ignored (reached end-of-life)
22
precise_wordpress: ignored (reached end-of-life)
23
precise/esm_wordpress: DNE (precise was needs-triage)
24
quantal_wordpress: ignored (reached end-of-life)
25
raring_wordpress: ignored (reached end-of-life)
26
saucy_wordpress: not-affected (3.5.2+dfsg-1)
27
trusty_wordpress: not-affected (3.5.2+dfsg-1)
28
utopic_wordpress: not-affected (3.5.2+dfsg-1)
29
vivid_wordpress: not-affected (3.5.2+dfsg-1)
30
vivid/stable-phone-overlay_wordpress: DNE
31
vivid/ubuntu-core_wordpress: DNE
32
wily_wordpress: not-affected (3.5.2+dfsg-1)
33
xenial_wordpress: not-affected (3.5.2+dfsg-1)
34
yakkety_wordpress: not-affected (3.5.2+dfsg-1)
35
zesty_wordpress: not-affected (3.5.2+dfsg-1)
36
devel_wordpress: not-affected (3.5.2+dfsg-1)