<<< Date Index >>>     <<< Thread Index >>>

Wordpress <= v2.1.0



If you're logged in into wordpress as an admin, your comments aren't properly 
sanitized, thus allowing an XSS to be posted. This can be exploited using XSRF 
techniques.

More info & PoC: http://www.virtuax.be/advisories/Advisory4-20022007.txt