MidnightBSD

Advisories for ulyssesonline

CVE-2011-3865 MEDIUM

Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ulyssesonline black-letterhead 1.2
ulyssesonline black-letterhead 1.1
ulyssesonline black-letterhead *
ulyssesonline black-letterhead 1.3
ulyssesonline black-letterhead 1.4