CVE-2008-7175

Currently unrated

Key Information:

Vendor
Wordpress
Vendor
CVE Published:
8 September 2009

Summary

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.