Package: wordpress Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for wordpress.
CVE-2008-4671[0]: | Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in | Wordpress MU (WPMU) before 2.6 allows remote attackers to inject | arbitrary web script or HTML via the (1) s and (2) ip_address | parameters. There is a more detailed description here[1]. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Cheers Steffen For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4671 http://security-tracker.debian.net/tracker/CVE-2008-4671 [1] http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
