CVE-2007-2627

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-2627

CGA ID

Description

Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that call get_sidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF), a different vulnerability than CVE-2007-1622.

References

https://images.chainguard.dev/security/CGA-3554-hxc6-jjgw
https://github.com/advisories/GHSA-vrh3-hvpj-7864
http://osvdb.org/37296
http://securityreason.com/securityalert/2694
http://www.securityfocus.com/archive/1/467360/100/0/threaded
https://security-tracker.debian.org/tracker/CVE-2007-2627

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2007-2627

Description

References

Affected packages

Product

Why Chainguard

Customers

Company

Resources