id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
16089	Cross-site Scripting Vulnerability in /wp-admin/setup-config	danielmiessler		There appears to be a vulnerability in the setup-config file whereby a user can submit script to the dbhost parameter and have it echoed back by WordPress. I have attached an image for your review.	defect (bug)	closed	normal		General	3.1	critical	wontfix	has-patch