5.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.6%
Cross-site scripting (XSS) vulnerability in the BotQuery extension in MediaWiki 1.7.x and earlier before SVN 20070910 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a similar issue to CVE-2007-4828.
osvdb.org/37336
lists.wikimedia.org/pipermail/mediawiki-announce/2007-September/000067.html