CVE-2018-10102

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.
Configurations

Configuration 1

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Information

Published : 2018-04-16 09:58

Updated : 2018-05-18 01:50


NVD link : CVE-2018-10102

Mitre link : CVE-2018-10102

Products Affected
No products.
CWE