Oval Definition:	oval:com.ubuntu.artful:def:20176814000
Revision Date: 2017-03-11 Version: 1 Title: CVE-2017-6814 on Ubuntu 17.10 (artful) - medium. Description: In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/mediaelement/wp-playlist.js. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-6814 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND NOT While related to the CVE in some way, the 'wordpress' package in artful is not affected (note: '4.7.3+dfsg-1').
BACK