4 matches found
CVE-2012-6453
Cross-site scripting XSS vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
CVE-2012-6453
Cross-site scripting XSS vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
CVE-2012-6453
CVE-2012-6453 affects the RSS Reader extension for MediaWiki prior to version 0.2.6. The vulnerability arises from improper escaping in feed content, allowing remote attackers to inject arbitrary JavaScript/HTML into MediaWiki pages via a crafted feed. Several connected sources (Debian/DSA-2596-1...
CVE-2012-6453
Cross-site scripting XSS vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed...