Description
Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wp_title function.
Remediation
References
Related Vulnerabilities
e107 Other Vulnerability (CVE-2005-2805)
LimeSurvey Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-16174)
MySQL CVE-2013-1512 Vulnerability (CVE-2013-1512)
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.1)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-29004)