2 matches found
CVE-2006-2611
Cross-site scripting XSS vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | pipe character...
CVE-2006-2611
MediaWiki 1.6.x is affected in includes/Sanitizer.php (variable handler) by CVE-2006-2611. The vulnerability allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the | character, and is exploitable before revision r14349. The NVD notes a Medium risk w...