[Bug 245211] Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities
bugzilla at redhat.com
bugzilla at redhat.com
Thu Nov 1 20:49:55 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities
Alias: CVE-2007-3544
https://bugzilla.redhat.com/show_bug.cgi?id=245211
------- Additional Comments From john at ncphotography.com 2007-11-01 16:49 EST -------
Wordpress upstream is far from dead, they simply did not respond to my inquiry
regarding this specific vulnerability. They have made additional releases, and
we currently have version 2.2.3 available in FC7, 2.3.1 in devel. I'm as
comfortable having wordpress in the distro as I am with having various bugs I've
reported in RHEL still be open after multiple years, or closed with a WONTFIX
from PM.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the Fedora-security-list
mailing list