Oval Definition:oval:com.ubuntu.xenial:def:20166897000
Revision Date:2017-01-18Version:1
Title:CVE-2016-6897 on Ubuntu 16.04 LTS (xenial) - medium.
Description:Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-6897
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The 'wordpress' package in xenial is affected and needs fixing.
    • BACK