Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities Alias: CVE-2007-3544
https://bugzilla.redhat.com/show_bug.cgi?id=245211
------- Additional Comments From lkundrak@redhat.com 2007-11-02 13:02 EST ------- RHEL is a different operating system with a different development model and different expectations from users. Not a good analogy.
I understand that you can not do anything about fixing this anyways without more specific information other than the advisory. I mailed the guy who discovered the flaw and asked for more information. In case we won't learn more, we may consider the issue non{public,existent}.