Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability
References
Configurations
History
21 Nov 2024, 00:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://myimei.com/security/2006-02-15/wordpress200autors-websitexss-attack.html - Exploit, Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/425043/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/16656 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/24736 - |
07 Nov 2023, 01:58
Type | Values Removed | Values Added |
---|---|---|
Summary | Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability |
Information
Published : 2006-02-16 11:02
Updated : 2024-11-21 00:07
NVD link : CVE-2006-0733
Mitre link : CVE-2006-0733
CVE.ORG link : CVE-2006-0733
JSON object : View
Products Affected
wordpress
- wordpress
CWE