CVE-2007-4544 in WordPress mu
Summary
Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the weblog_id parameter (Username field).
Once again VulDB remains the best source for vulnerability data.