Description
Before version 4.8.2, WordPress was susceptible to a Cross-Site Scripting attack in the link modal via a javascript: or data: URL.
Remediation
References
Related Vulnerabilities
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8669)
SharePoint Out-of-bounds Write Vulnerability (CVE-2012-2539)
WordPress Plugin Login with phone number Security Bypass (1.7.26)
PHP Improper Input Validation Vulnerability (CVE-2012-0831)
Apache HTTP Server CVE-2013-2249 Vulnerability (CVE-2013-2249)