CVE-2008-5278
Publication date 28 November 2008
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable).
Status
Package | Ubuntu Release | Status |
---|---|---|
wordpress | 11.10 oneiric |
Not affected
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
9.10 karmic |
Not affected
|
|
9.04 jaunty |
Not affected
|
|
8.10 intrepid | Ignored end of life, was needed | |
8.04 LTS hardy | Ignored end of life | |
7.10 gutsy | Ignored end of life, was needed | |
6.06 LTS dapper | Ignored end of life |