0.003 Low
EPSS
Percentile
68.3%
Cross-site scripting (XSS) vulnerability in the Scribunto extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a function name, which is not properly handled in a Lua error backtrace.
www.openwall.com/lists/oss-security/2015/04/01/1
launchpad.net/bugs/cve/CVE-2015-2939
lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
nvd.nist.gov/vuln/detail/CVE-2015-2939
security-tracker.debian.org/tracker/CVE-2015-2939
www.cve.org/CVERecord?id=CVE-2015-2939