Lucene search
K

4 matches found

OSV
OSV
added 2017/04/20 5:59 p.m.20 views

CVE-2016-6333

Cross-site scripting XSS vulnerability in the CSS user subpage preview feature in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via the edit box in Special:MyPage/common.css...

6.1CVSS5.7AI score
Exploits0References4
Cvelist
Cvelist
added 2017/04/20 5:0 p.m.25 views

CVE-2016-6333

Cross-site scripting XSS vulnerability in the CSS user subpage preview feature in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via the edit box in Special:MyPage/common.css...

6.2AI score0.01016EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/04/20 5:0 p.m.24 views

CVE-2016-6333

Cross-site scripting XSS vulnerability in the CSS user subpage preview feature in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via the edit box in Special:MyPage/common.css...

6.1CVSS6.4AI score0.01016EPSS
Exploits0
Mageia
Mageia
added 2015/12/24 11:8 a.m.48 views

Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: In MediaWiki before 1.23.12, an XSS vector exists when MediaWiki is configured with a non-standard configuration, from wikitext when $wgArticlePath='$1' CVE-2015-8622. In MediaWiki before 1.23.12, tokens were being compared as strings, whic...

9.8CVSS6.9AI score0.01888EPSS
Exploits0References3
Rows per page
Query Builder