WordPress Broken Link Checker Plugin Cross-Site Scripting Vulnerability
Publish Date: 21 luglio 2015
Gravità: : Critico
Data notifica: 21 luglio 2015
Descrizione
There exists a persistent stored cross site scripting vulnerability, also known as a stored XSS, in the Broken Link Checker. Stored XSS occurs when a web application gathers potentially malicious input from a user and then stores it on the site. This vulnerability can be used by attackers to obtain a crafted link with malicious payload via the post / comment fields. The JavaScript code is executed when the site administrator attempts to enter the Broken Link Checker control panel.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1000552