{"id":"CVE-2006-1796","details":"Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']).","modified":"2026-04-10T03:38:26.019900Z","published":"2006-04-17T20:06:00Z","references":[{"type":"FIX","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328909"},{"type":"FIX","url":"http://trac.wordpress.org/ticket/1686"}],"schema_version":"1.7.5"}