CVE-2016-7168 - log back

CVE-2016-7168 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A cross-site scripting vulnerability has been discovered via a malicious image filename, reported by SumOfPwn researcher Cengiz Han Sahin. A WordPress admin can be tricked into uploading a malicious image file requested by a user this admin trusts or a popular malicious image that was spread via social media.
References
+ http://www.openwall.com/lists/oss-security/2016/09/08/24
Notes