2018-04-14 13:00:00
mitre
PUBLISHED
Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.