Description
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']).
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Business Intelligence Lite Arbitrary File Upload (1.0.6)
WordPress Plugin Calendar Event Multi View Cross-Site Scripting (1.3.99)
PostgreSQL Other Vulnerability (CVE-2006-2314)
WordPress Plugin Squeeze Arbitrary File Upload (1.4)
WordPress Plugin ALO EasyMail Newsletter Multiple Cross-Site Scripting Vulnerabilities (2.4.7)