EUVD-2013-4202

Malware in sbrugna...

MediaWiki < 1.19.8 / 1.20.7 / 1.21.2 Multiple Vulnerabilities

According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities : - The full installation path is disclosed in an error message when an invalid language is specified in the ResourceLoader. CVE-2013-4301 - Multiple cross-site reque...

CVE-2013-4308

Cross-site scripting XSS vulnerability in pages/TalkpageHistoryView.php in the LiquidThreads LQT extension 2.x and possibly 3.x for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to inject arbitrary web script or HTML via a thread subject...

Cross site scripting

Cross-site scripting XSS vulnerability in pages/TalkpageHistoryView.php in the LiquidThreads LQT extension 2.x and possibly 3.x for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to inject arbitrary web script or HTML via a thread subject...

CVE-2013-4308

Cross-site scripting XSS vulnerability in pages/TalkpageHistoryView.php in the LiquidThreads LQT extension 2.x and possibly 3.x for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to inject arbitrary web script or HTML via a thread subject...

CVE-2013-4308

CVE-2013-4308 is a cross-site scripting (XSS) vulnerability in the LiquidThreads (LQT) TalkpageHistoryView.php component of MediaWiki. Affects LQT 2.x (and possibly 3.x) on MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2. Remote attackers can inject arbitrary script...