MediaWiki Edit Form XSS

2006-06-06T13:49:14
ID OSVDB:26219
Type osvdb
Reporter OSVDB
Modified 2006-06-06T13:49:14

Description

Solution Description

Upgrade to version 1.6.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.mediawiki.org/ Vendor Specific News/Changelog Entry: http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_7/phase3/RELEASE-NOTES Secunia Advisory ID:20458 Mail List Post: http://mail.wikipedia.org/pipermail/mediawiki-announce/2006-June/000048.html FrSIRT Advisory: ADV-2006-2159 CVE-2006-2895