4 matches found
Fedora Update for mediawiki FEDORA-2010-6335
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
MediaWiki >= 1.5 CSS验证信息泄露漏洞
BUGTRAQ ID: 38621 CVE ID: CVE-2010-1189 MediaWiki是著名的wiki程序,运行于PHP+MySQL环境。 MediaWiki的CSS验证功能没有禁止wiki编辑者在wiki页面中链接到其他网站的图形,这允许编辑者通过添加到恶意网站上的图形链接获得IP 地址等有关于wiki用户的敏感信息。 MediaWiki = 1.5 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-2022-1)以及相应补丁: DSA-2022-1:New mediawiki packages fix several...
openSUSE Security Update : mediawiki (openSUSE-SU-2010:0154-1)
MediaWiki was prone to a CSS validation flaw and data leakage vulnerability CVE-2010-1189, CVE-2010-1190. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mediawiki-2356. The text description o...
CVE-2010-1189
MediaWiki prior to 1.15.2 is affected by a CSS validation issue that allows editors to link to images on attacker‑controlled sites, enabling collection of IP addresses and other user information. The root cause is the CSS validation check not preventing this behavior. Impact is limited to disclos...