severity 503642 minor tags 503642 + unreproducible thanks > Package: wordpress > Severity: important > Tags: security > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for wordpress. > > CVE-2008-4671[0]: > | Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in > | Wordpress MU (WPMU) before 2.6 allows remote attackers to inject > | arbitrary web script or HTML via the (1) s and (2) ip_address > | parameters. As expressed in the CVE the bug affects wordpress-MU only. The guilty php scripts does not even appear in the standard wordpress we are releasing with debian.
As for now I'm pushing down the severity of the bug and tagging it as unreproducible. If you agree I will close the bug because it does not apply to wordpress in debian. Thank you very much for reporting this. Regards. Andrea De Iacovo
signature.asc
Description: Questa รจ una parte del messaggio firmata digitalmente
