CVE-2015-6731

2015-09-01T10:59:09
ID CVE-2015-6731
Type cve
Reporter NVD
Modified 2016-12-07T13:21:17

Description

Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via a (1) section_, (2) template_, (3) label_*, or (4) new_template parameter to Special:CreateForm or (5) target or (6) alt_form parameter to Special:FormEdit.