Debian Security Advisory
DLA-1096-1 wordpress-shibboleth -- LTS security update
- Date Reported:
- 13 Sep 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-14313.
- More information:
It was discovered that there was a an XSS vulnerability in the login form of the
Shibbolethidentity provider module for Wordpress.
For Debian 7
Wheezy, this issue has been fixed in wordpress-shibboleth version 1.4-2+deb7u1.
We recommend that you upgrade your wordpress-shibboleth packages.