1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
Candidate: CVE-2008-5278
PublicDate: 2008-11-28
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5278
Description:
Cross-site scripting (XSS) vulnerability in the self_link function in in
the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5
allows remote attackers to inject arbitrary web script or HTML via the Host
header (HTTP_HOST variable).
Ubuntu-Description:
Notes:
Bugs:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507193
Priority: low
Discovered-by:
Assigned-to:
Patches_wordpress:
upstream_wordpress: released (2.5.1-11)
dapper_wordpress: ignored (reached end-of-life)
gutsy_wordpress: needed (reached end-of-life)
hardy_wordpress: ignored (reached end-of-life)
intrepid_wordpress: needed (reached end-of-life)
jaunty_wordpress: not-affected (2.5.1-11ubuntu1)
karmic_wordpress: not-affected (2.5.1-11ubuntu1)
lucid_wordpress: not-affected (2.5.1-11ubuntu1)
maverick_wordpress: not-affected (2.5.1-11ubuntu1)
natty_wordpress: not-affected (2.5.1-11ubuntu1)
oneiric_wordpress: not-affected (2.5.1-11ubuntu1)
devel_wordpress: not-affected (2.5.1-11ubuntu1)
|