PRIOn knowledge basePRION:CVE-2011-0047Cross site scripting
6.2 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.3%
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka “CSS injection vulnerability.”
References
osvdb.org/70770
secunia.com/advisories/43142
www.securityfocus.com/bid/46108
www.vupen.com/english/advisories/2011/0273
bugzilla.wikimedia.org/show_bug.cgi?id=27093
exchange.xforce.ibmcloud.com/vulnerabilities/65126
lists.fedoraproject.org/pipermail/package-announce/2011-April/058910.html
lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html
lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html
lists.wikimedia.org/pipermail/mediawiki-announce/2011-February/000095.html
Related
6.2 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.3%