Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2005-4501
HistoryDec 22, 2005 - 9:03 p.m.

CVE-2005-4501

2005-12-2221:03:00
Debian Security Bug Tracker
security-tracker.debian.org
8

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.024 Low

EPSS

Percentile

89.6%

MediaWiki before 1.5.4 uses a hard-coded “internal placeholder string”, which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.024 Low

EPSS

Percentile

89.6%

Related for DEBIANCVE:CVE-2005-4501