3 matches found
CVE-2015-6737
Cross-site scripting XSS vulnerability in the Widgets extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors involving base64 encoded content...
CVE-2015-6737
Cross-site scripting XSS vulnerability in the Widgets extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors involving base64 encoded content...
CVE-2015-6737
CVE-2015-6737 is a MediaWiki Widgets extension XSS vulnerability. Remote attackers could inject arbitrary script/HTML via base64-encoded content. Affected: MediaWiki Widgets extension. Root cause: cross-site scripting in the Widgets template. Impact documented as possible remote code execution vi...