hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动
文件
df455d7fb554c693cc4ff853ff46b7b8a75fd748
websafe-kb/08-threat-intel/registry/advisories/wordpress--CVE-2006-0985.json

72 行
2.1 KiB
JSON
原始文件 Blame 文件历史

{
"canonical_id": "wordpress--CVE-2006-0985",
"system_id": "wordpress",
"display_name": "WordPress",
"category": "cms",
"advisory_mode": "core",
"title": "CVE-2006-0985",
"summary": "Multiple cross-site scripting (XSS) vulnerabilities in the \"post comment\" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) website, and (3) comment parameters.",
"published_at": "2006-03-03T11:02:00.000",
"updated_at": "2025-04-03T01:03:51.193",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "http://NeoSecurityTeam.net/advisories/Advisory-17.txt",
"secondary_source_urls": [
"http://secunia.com/advisories/19050",
"http://www.securityfocus.com/archive/1/426304/100/0/threaded",
"http://www.securityfocus.com/archive/1/426504/100/0/threaded",
"http://www.securityfocus.com/archive/1/426574/100/0/threaded",
"http://www.vupen.com/english/advisories/2006/0777",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/24957"
],
"aliases": [
"CVE-2006-0985"
],
"cve_ids": [
"CVE-2006-0985"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"plugin-extension-trust-policy",
"xss-output-encoding",
"file-upload-validation",
"token-cookie-storage"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"historical_status": null,
"latest_status": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD WordPress"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}
在新工单中引用 查看 Git Blame 复制永久链接