oss-sec mailing list archives
Re: CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability
From: cve-assign () mitre org
Date: Thu, 23 Jul 2015 16:04:27 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
https://wordpress.org/news/2015/07/wordpress-4-2-3/
WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was initially reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team
Use CVE-2015-5622.
We also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft.
Use CVE-2015-5623. We think the vulnerability mappings are: CVE-2015-5622 = https://core.trac.wordpress.org/changeset/33359 Note that the news URL says 'fixed by <a href="http://www.miqrogroove.com/">Robert Chapin</a>' and 33359 says "Props miqrogroove." https://core.trac.wordpress.org/changeset/33359/trunk/tests/phpunit/tests/kses.php has: array( 'a', 'href="javascript:alert(1)"', 'href="alert(1)"', ), [ there has been discussion of 33359, although possibly not about any remaining security problem - see https://core.trac.wordpress.org/ticket/15694#comment:24 ] CVE-2015-5623 = https://core.trac.wordpress.org/changeset/33357 Note that https://core.trac.wordpress.org/changeset/33357/trunk/src/wp-admin/post.php makes a change to the "case 'post-quickdraft-save'" section of the wp-admin/post.php file. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVsUhEAAoJEKllVAevmvmsRrIH/RM7N13JnxT91K8kIqEJwRn0 cnPLrUgiX8hBVtWr/Nl20n1wNzG8BYEKRUHbq3AjwgOzzLkRa1d5bNfY565pjkKe h9QfYlFVZ9AkI0jDHMMxcpuX9DbiZW3c32dWE8xtsA421aZnC+lftZID4SOYkMJO Fut7UfedkYcmLO2L0o7tm0QcOZS5aAjrJy1NHsqClMW+3AI6xvccYR8LN9JOAkFU X+pjSom1Q8QDMaEOFOCjZI2nAbZNCehKd6IBWavcgAWZcB+RIxYTjsxl4FE6bvxH dDp8joXZpy62s/bXlhoOiZTgxDV/PpKourV8tg7uU37m35kisQflcBEJn+ptqdg= =IbzO -----END PGP SIGNATURE-----
Current thread:
- CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability Henri Salo (Jul 23)
- Re: CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability cve-assign (Jul 23)