Index: security/vuxml/vuln.xml =================================================================== --- security/vuxml/vuln.xml +++ security/vuxml/vuln.xml @@ -58,6 +58,43 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + wordpress -- multiple issues + + + wordpress + fr-wordpress + 4.9.1,1 + + + de-wordpress + zh_CN-wordpress + zh_TW-wordpress + ja-wordpress + ru_RU-wordpress + 4.9.1 + + + + +

wordpress developers reports:

+
Use a properly generated hash for the newbloguser key instead of a determinate substring.
+
Add escaping to the language attributes used on html elements.
+
Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.
+
Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability.
+

+ + + + https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/ + + + 2017-11-29 + 2017-12-01 + + + asterisk -- DOS Vulnerability in Asterisk chan_skinny