ID de Prueba:	1.3.6.1.4.1.25623.1.0.800376
Categoría:	Web application abuses
Título:	WordPress MU Cross-Site Scripting Vulnerability (Apr 2009)
Resumen:	WordPress MU is prone to a cross-site scripting (XSS) vulnerability.
Descripción:	Summary: WordPress MU is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: The vulnerability is due to improper validation of user supplied input in 'wp-includes/wpmu-functions.php' for choose_primary_blog function. Vulnerability Impact: Successful exploitation will let the attacker execute malicious crafted HTTP headers and conduct cross site scripting attacks to gain administrative privileges into the affected web application. Affected Software/OS: WordPress MU before 2.7 on all running platform. Solution: Update to Version 2.7 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1030 BugTraq ID: 34075 http://www.securityfocus.com/bid/34075 Bugtraq: 20090310 [ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability (Google Search) http://www.securityfocus.com/archive/1/501667/100/0/threaded https://www.exploit-db.com/exploits/8196 HPdes Security Advisory: HPSBUX02514 http://marc.info/?l=bugtraq&m=126996727024732&w=2 HPdes Security Advisory: SSRT100010 http://www.securitytracker.com/id?1021838 XForce ISS Database: wordpressmu-wpmufunctions-xss(49184) https://exchange.xforce.ibmcloud.com/vulnerabilities/49184
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.