Archive for October, 2008
Wordpress-MU Cross Site Scripting Vulnerability
Product: Wordpress-MU (multi-user)
Version: Versions prior to 2.6 are affected
Credits: Juan Galiana
Juan Galiana has published the advisory to Bugtraq this week which includes a proof of concept exploit.
Wordpress-MU is affected by a Cross Site Scripting vulnerability, an attacker can perform an XSS attack that allows him to access the
targeted user cookies to gain administrator privileges
In [...]
