Description
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.
Remediation
References
Related Vulnerabilities
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-1461)
WordPress Plugin HK Exif Tags Cross-Site Scripting (1.11)
Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3)
WordPress Plugin Related Posts Cross-Site Scripting (5.12.91)
Oracle Application Server CVE-2007-5518 Vulnerability (CVE-2007-5518)