CVE-2008-0193

2008-01-1000:46:00

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.007

Percentile

81.0%

JSON

Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php.

OSVersionArchitecturePackageVersionFilename
Debian12allwordpress< 2.1.0-1wordpress_2.1.0-1_all.deb
Debian11allwordpress< 2.1.0-1wordpress_2.1.0-1_all.deb
Debian999allwordpress< 2.1.0-1wordpress_2.1.0-1_all.deb
Debian13allwordpress< 2.1.0-1wordpress_2.1.0-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	wordpress	< 2.1.0-1	wordpress_2.1.0-1_all.deb
Debian	11	all	wordpress	< 2.1.0-1	wordpress_2.1.0-1_all.deb
Debian	999	all	wordpress	< 2.1.0-1	wordpress_2.1.0-1_all.deb
Debian	13	all	wordpress	< 2.1.0-1	wordpress_2.1.0-1_all.deb