Launchpad CVE tracker

CVE 2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source.

Related bugs and status

CVE-2009-2431 (Candidate) is related to these bugs:

Bug #227547: ubuntu wordpress should suppress the "please update" warning

		In	Importance	Status
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Ubuntu)	Wishlist	Fix Released
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Debian)	Undecided	Fix Released
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Ubuntu Intrepid)	Undecided	Fix Released
227547	ubuntu wordpress should suppress the "please update" warning	wordpress (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

OSVDB: 55716
SECTRACK: 1022528
VUPEN: ADV-2009-1833
MISC: http://corelabs.corese...
XF: wordpress-username-inf...
BUGTRAQ: 20090708 CORE-2009-015...

Launchpad.net

CVE 2009-2431

Related bugs and status

Related bugs

References