bugzilla@redhat.com
2007-May-12 08:02 UTC
[Bug 239904] New: CVE-2007-2627: wordpress sidebar.php XSS
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239904
Summary: CVE-2007-2627: wordpress sidebar.php XSS
Product: Fedora Extras
Version: fc6
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2627
OS/Version: Linux
Status: NEW
Severity: medium
Priority: medium
Component: wordpress
AssignedTo: jwb@redhat.com
ReportedBy: ville.skytta@iki.fi
QAContact: extras-qa@fedoraproject.org
CC: fedora-security-list@redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2627
"Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when
custom 404 pages that call get_sidebar are used, allows remote attackers to
inject arbitrary web script or HTML via the query string (PHP_SELF), a different
vulnerability than CVE-2007-1622."
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
bugzilla@redhat.com
2007-May-17 22:14 UTC
[Bug 239904] CVE-2007-2627: wordpress sidebar.php XSS
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-2627: wordpress sidebar.php XSS
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239904
jwb@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
------- Additional Comments From jwb@redhat.com 2007-05-17 18:14 EST -------
Upstream doesn''t seem to have a patch for this as of yet (May 17 2007).
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
bugzilla@redhat.com
2007-Jul-05 19:22 UTC
[Bug 239904] CVE-2007-2627: wordpress sidebar.php XSS
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-2627: wordpress sidebar.php XSS
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239904
bugzilla@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Product|Fedora Extras |Fedora
------- Additional Comments From updates@fedoraproject.org 2007-07-05 15:22 EST
-------
wordpress-2.2.1-1.fc7 has been pushed to the Fedora 7 stable repository. If
problems still persist, please make note of it in this bug report.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
bugzilla@redhat.com
2007-Jul-05 19:22 UTC
[Bug 239904] CVE-2007-2627: wordpress sidebar.php XSS
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-2627: wordpress sidebar.php XSS
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239904
updates@fedoraproject.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |CLOSED
Resolution| |ERRATA
Fixed In Version| |2.2.1-1.fc7
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.