Cross-site scripting vulnerability in includes/actions/InfoAction.php

Cross-site scripting XSS vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action...

MediaWiki < 1.21.9 / 1.22.6 'InfoAction.php' XSS

According to its version number, the instance of MediaWiki running on the remote host is affected by a cross-site scripting vulnerability. A flaw exists with 'sortKey' in the 'InfoAction.php' script. This allows a remote attacker to execute arbitrary code within the server and browser trust...

Cross site scripting

Cross-site scripting XSS vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action...

CVE-2014-2853

CVE-2014-2853 is a cross-site scripting vulnerability in MediaWiki’s includes/actions/InfoAction.php. The issue allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action. Affected versions are MediaWiki before 1.21.9 and 1.22.x before 1.22.6; the vulnerabil...