CVE

Id
16837  
CVE No.
CVE-2006-0733  
Status
Candidate  
Description
** DISPUTED ** Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author"s website" field. NOTE: followup comments to the researcher"s web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability.  
Phase
Assigned (20060216)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
136644 16837 CVE-2006-0733 BUGTRAQ:20060214 [myimei]WordPress2.0.0~autors?website~XSS attack  View
136645 16837 CVE-2006-0733 URL:http://www.securityfocus.com/archive/1/archive/1/425043/100/0/threaded  View
136646 16837 CVE-2006-0733 MISC:http://myimei.com/security/2006-02-15/wordpress200autors-websitexss-attack.html  View
136647 16837 CVE-2006-0733 BID:16656  View
136648 16837 CVE-2006-0733 URL:http://www.securityfocus.com/bid/16656  View
136649 16837 CVE-2006-0733 XF:wordpress-authorswebsite-xss(24736)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
61613 JVNDB-2006-003879 My Blog などの製品で使用される M. Blom HTML::BBCode におけるクロスサイトスクリプティングの脆弱性 My Blog などの製品で使用される M. Blom HTML::BBCode には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-0735 16837 4.3 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003879.html  View