mediawiki -- hardcoded placeholder string security bypass vulnerability

ID 99015CF5-C4DD-11DA-B2FB-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2005-12-22T00:00:00


The mediawiki development team reports a vulnerability within the mediawiki application. The vulnerability is caused by improper checking of inline style attributes. This could result in the execution of arbitrary javascript code in Microsoft Internet Explorer. It appears that other browsers are not affected by this vulnerability.