2 matches found
CVE-2015-6731
Multiple cross-site scripting XSS vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via a 1 section, 2 template, 3 label, or 4 newtemplate parameter to Special:CreateForm or 5 target or 6 altform parameter to Special:FormEdi...
CVE-2015-6731
CVE-2015-6731 concerns the MediaWiki SemanticForms extension. The vulnerability is an XSS flaw in several parameters exposed by forms: section_, template_ , label_*, new_template (Special:CreateForm) and target, alt_form (Special:FormEdit). The root cause is inadequate input filtering in these pa...