5 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the uselang parameter, which allows system messages to be inserted into raw HTML without proper escaping. An attacker can execute arbitrary JavaScript in the context of the user's browser by injecting crafte...
MediaWiki < 1.17.5, 1.18.x < 1.18.4, 1.19.x < 1.19.1 'uselang' Parameter XSS Vulnerability - Active Check
MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2012-2698
Cross-site scripting XSS vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Mainpage...
CVE-2012-2698
Cross-site scripting XSS vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Mainpage...
Cross site scripting
Cross-site scripting XSS vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Mainpage...