Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether this specific XSS scenario has security relevance
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:15:41
Updated: 2022-10-03T16:15:41
Reserved: 2022-10-03T00:00:00
Link: CVE-2012-0782
JSON object: View
NVD Information
Status : Modified
Published: 2012-01-30T17:55:00.843
Modified: 2024-05-17T00:51:38.620
Link: CVE-2012-0782
JSON object: View
Redhat Information
No data.
CWE