Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-thxk-rv7u-dqdk
Vulnerability ID VCID-thxk-rv7u-dqdk
Aliases CVE-2008-5278
Summary wordpress-mu: XSS vulnerability in RSS Feed Generator
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
System Score Found at
epss 0.03157 https://api.first.org/data/v1/epss?cve=CVE-2008-5278
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5278.json
https://api.first.org/data/v1/epss?cve=CVE-2008-5278
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5278
473577 https://bugzilla.redhat.com/show_bug.cgi?id=473577
507193 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507193
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.87128
EPSS Score 0.03157
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T10:17:08.094638+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5278.json 38.6.0