CVE-2008-4733

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP Comment Remix Plugin
Vendor: CVE Published:; 24 October 2008

Summary

Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) replytotext, (2) quotetext, (3) originallypostedby, (4) sep, (5) maxtags, (6) tagsep, (7) tagheadersep, (8) taglabel, and (9) tagheaderlabel parameters.

References

http://secunia.com/advisories/32253

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/497313/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/31750

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Oct 24, 2008
Vulnerability Reserved
Oct 24, 2008