Description

Cross-site scripting (XSS) vulnerability in blogroll.php in the cordobo-green-park theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF portion of a URI.

Remediation

References

CVE-2007-3241

Related Vulnerabilities

EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-38843)

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21627)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26071)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2015-4852)

WordPress Plugin Postie 'From' Field Cross-Site Scripting (1.4.3)

Severity

Medium

Classification

CVE-2007-3241

Tags

Missing Update Known Vulnerabilities