CVE-2006-6808

Publication date 28 December 2006

Last updated 24 July 2024


Ubuntu priority

Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-admin/admin-functions.php.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
wordpress 9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.10 gutsy
Not affected
7.04 feisty
Not affected
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life