CVE-2008-7175 Information

Share on:

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.

Reference

http://osvdb.org/51428 http://www.securityfocus.com/archive/1/493182/100/0/threaded