3 matches found
MediaWiki cross-site scripting vulnerability (CNVD-2015-02415)
MediaWiki is a Wiki program. A cross-site scripting vulnerability exists in MediaWiki. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of a custom JavaScript file...
DEBIAN-CVE-2015-2938
Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a custom JavaScript file, which is not properly handled when previewing the file...
UBUNTU-CVE-2015-2938
Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a custom JavaScript file, which is not properly handled when previewing the file...