Cross site scripting

2007-09-1219:17:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.6%

JSON

Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
mediawikieq1.8.2
mediawikieq1.11.0-development
mediawikieq1.9.3
mediawikieq1.8.0
mediawikieq1.9.2
mediawikieq1.9.1
mediawikieq1.10.1
mediawikieq1.8.3
mediawikieq1.8.4
mediawikieq1.8.1

Name	Operator	Version
mediawiki	eq	1.8.2
mediawiki	eq	1.11.0-development
mediawiki	eq	1.9.3
mediawiki	eq	1.8.0
mediawiki	eq	1.9.2
mediawiki	eq	1.9.1
mediawiki	eq	1.10.1
mediawiki	eq	1.8.3
mediawiki	eq	1.8.4
mediawiki	eq	1.8.1