CVE

Id
92653  
CVE No.
CVE-2016-5833  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5834.  
Phase
Assigned (20160623)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
791412 92653 CVE-2016-5833 MISC:https://wpvulndb.com/vulnerabilities/8518  View
791413 92653 CVE-2016-5833 CONFIRM:https://codex.wordpress.org/Version_4.5.3  View
791414 92653 CVE-2016-5833 CONFIRM:https://github.com/WordPress/WordPress/commit/4372cdf45d0f49c74bbd4d60db7281de83e32648  View
791415 92653 CVE-2016-5833 CONFIRM:https://wordpress.org/news/2016/06/wordpress-4-5-3/  View
791416 92653 CVE-2016-5833 BID:91368  View
791417 92653 CVE-2016-5833 URL:http://www.securityfocus.com/bid/91368  View
791418 92653 CVE-2016-5833 SECTRACK:1036163  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
4266 JVNDB-2016-005039 SAP TREX のネームサーバにおける重要な TNS 情報を取得される脆弱性 SAP TREX のネームサーバには、重要な TNS 情報を取得される脆弱性が存在します。 CVE-2016-6146 92653 5 5.3 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005039.html  View