Lucene search

K
cve[email protected]CVE-2005-4501
HistoryDec 22, 2005 - 9:03 p.m.

CVE-2005-4501

2005-12-2221:03:00
NVD-CWE-Other
web.nvd.nist.gov
17
mediawiki
xss
cve-2005-4501
cross-site scripting
bypass
internet explorer

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.024 Low

EPSS

Percentile

89.6%

MediaWiki before 1.5.4 uses a hard-coded “internal placeholder string”, which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.024 Low

EPSS

Percentile

89.6%

Related for CVE-2005-4501