4 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...
CVE-2010-2788
Cross-site scripting XSS vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...
CVE-2010-2788
CVE-2010-2788 is a cross-site scripting (XSS) vulnerability in MediaWiki, affecting profiles via profileinfo.php. It occurs in MediaWiki releases prior to 1.15.5 when wgEnableProfileInfo is enabled, allowing remote attackers to inject arbitrary web script or HTML through the filter parameter. Con...
MediaWiki profileinfo.php 'filter' Parameter XSS
The version of MediaWiki running on the remote host is affected by a cross-site scripting vulnerability due to improper validation of user-supplied input to the 'filter' parameter in the 'profileinfo.php' script. A remote attacker can exploit this, by tricking a user into requesting a maliciously...