CVE-2008-7175

2009-09-0810:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

48.5%

JSON

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.

References

osvdb.org/51428

www.securityfocus.com/archive/1/493182/100/0/threaded