---

CVE-2016-7168 - log back

CVE-2016-7168 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Cross-site scripting
Description	+ A cross-site scripting vulnerability has been discovered via a malicious image filename, reported by SumOfPwn researcher Cengiz Han Sahin. A WordPress admin can be tricked into uploading a malicious image file requested by a user this admin trusts or a popular malicious image that was spread via social media.
References	+ http://www.openwall.com/lists/oss-security/2016/09/08/24
Notes