CVE-2010-1186

Currently unrated

Key Information:

Vendor: Wordpress
Status: Nextgen Gallery
Vendor: CVE Published:; 7 April 2010

Summary

Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter.

References

http://www.exploit-db.com/exploits/12098

exploitx_refsource_EXPLOIT-DB

http://secunia.com/advisories/39341

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/39250

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 7, 2010
Vulnerability Reserved
Mar 30, 2010