4 matches found
CVE-2026-58030 SyntaxHighlight stored XSS via unsanitized 'linelinks' attribute
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation SyntaxHighlightGeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlightGeSHi: from before 1.46.0,...
CVE-2013-4305
Cross-site scripting XSS vulnerability in contrib/example.php in the SyntaxHighlight GeSHi extension for MediaWiki, possibly as downloaded before September 2013, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2013-4305
CVE-2013-4305 is a Cross-Site Scripting (XSS) vulnerability in the SyntaxHighlight GeSHi extension for MediaWiki, exposed via contrib/example.php. The root cause is improper sanitization of input to the example.php script, allowing an attacker to inject arbitrary script or HTML via PATH_INFO. Pub...
MediaWiki < 1.19.8 / 1.20.7 / 1.21.2 Multiple Vulnerabilities
According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities : - The full installation path is disclosed in an error message when an invalid language is specified in the ResourceLoader. CVE-2013-4301 - Multiple cross-site reque...