CVE-2006-1796
EPSS 0.46%Published: 4/17/2006Modified: 5/27/2026
Description
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']).
Affected packages (1)
- Debian/wordpressfrom 0, < 2.0.1