mediawiki -- hardcoded placeholder string security bypass vulnerability

2005-12-22T00:00:00
ID 99015CF5-C4DD-11DA-B2FB-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2005-12-22T00:00:00

Description

The mediawiki development team reports a vulnerability within the mediawiki application. The vulnerability is caused by improper checking of inline style attributes. This could result in the execution of arbitrary javascript code in Microsoft Internet Explorer. It appears that other browsers are not affected by this vulnerability.