Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-3440HistoryAug 03, 2015 - 2:59 p.m.
CVE-2015-3440
2015-08-0314:59:00
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.934
Percentile
99.1%
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 4.2.1+dfsg-1 | wordpress_4.2.1+dfsg-1_all.deb |
| Debian | 11 | all | wordpress | < 4.2.1+dfsg-1 | wordpress_4.2.1+dfsg-1_all.deb |
| Debian | 999 | all | wordpress | < 4.2.1+dfsg-1 | wordpress_4.2.1+dfsg-1_all.deb |
| Debian | 13 | all | wordpress | < 4.2.1+dfsg-1 | wordpress_4.2.1+dfsg-1_all.deb |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0202)
2022-01-28 00:00:00
WordPress < 4.2.1 Comments Stored XSS Vulnerability
2015-05-04 00:00:00
Fedora Update for wordpress FEDORA-2015-6778
2015-07-07 00:00:00
prion
prion
Cross site scripting
2015-08-03 14:59:00
Cross site scripting
2016-05-22 01:59:00
checkpoint_advisories
checkpoint_advisories
WordPress Overly Long Comment Cross-Site Scripting (CVE-2015-3440)
2015-04-28 00:00:00
nvd
nvd
CVE-2015-3440
2015-08-03 14:59:00
CVE-2015-8834
2016-05-22 01:59:04
wpvulndb
wpvulndb
WordPress <= 4.2 - Unauthenticated Stored Cross-Site Scripting (XSS)
2015-04-26 00:00:00
ubuntucve
ubuntucve
CVE-2015-3440
2015-08-03 00:00:00
CVE-2015-8834
2016-05-22 00:00:00
mageia
mageia
Updated wordpress packages fix security vulnerabilities
2015-05-09 02:54:13
nessus
nessus
WordPress <= 3.9.5 / 4.1.x < 4.1.4 / 4.2.x < 4.2.1 Comments Stored XSS
2015-04-29 00:00:00
WordPress Multiple XSS
2015-05-12 00:00:00
Debian DSA-3250-1 : wordpress - security update
2015-05-05 00:00:00
cve
cve
CVE-2015-3440
2015-08-03 14:59:00
CVE-2015-8834
2016-05-22 01:59:04
cvelist
cvelist
CVE-2015-3440
2015-08-03 14:00:00
CVE-2015-8834
2016-05-22 01:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2017-07-28 02:26:48
debiancve
debiancve
CVE-2015-8834
2016-05-22 01:59:04
debian
debian
[SECURITY] [DSA 3250-1] wordpress security update
2015-05-04 18:50:54
[SECURITY] [DLA 633-1] wordpress security update
2016-09-22 20:12:14
[SECURITY] [DLA 236-1] wordpress security update
2015-06-01 12:11:28
fedora
fedora
[SECURITY] Fedora 22 Update: wordpress-4.2.1-1.fc22
2015-05-08 07:45:51
[SECURITY] Fedora 21 Update: wordpress-4.2.2-1.fc21
2015-05-20 18:47:30
[SECURITY] Fedora 20 Update: wordpress-4.2.2-1.fc20
2015-05-20 18:49:22
securityvulns
securityvulns
[SECURITY] [DSA 3250-1] wordpress security update
2015-05-11 00:00:00
osv
osv
wordpress - security update
2015-05-04 00:00:00
wordpress - security update
2016-09-22 00:00:00
wordpress - security update
2015-06-01 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.934
Percentile
99.1%
Related for DEBIANCVE:CVE-2015-3440