CVE-2015-3440

EPSS 14.4%

發布日:2015/8/3修改日:2026/5/27

也稱為:DEBIAN-CVE-2015-3440

描述

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.

受影響套件(1)

Debian/wordpressfrom 0, < 4.2.1+dfsg-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-3440