Description
Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in WordPress before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML via the s parameter (aka the selection variable).
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2005-3054)
Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070)
WordPress Plugin Inline Tweet Sharer-Twitter Sharing Cross-Site Scripting (2.5.3)
MySQL CVE-2017-3648 Vulnerability (CVE-2017-3648)
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2018-0504)