Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-6334

Опубликовано: 20 апр. 2017
Источник: debian

Описание

Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mediawikiend-of-lifewheezypackage
mediawikifixed1:1.27.1-1package

Примечания

  • https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html

Связанные уязвимости

ubuntu логотип

CVE-2016-6334

CVSS3: 6.1
ubuntu
почти 9 лет назад

Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links.

nvd логотип

CVE-2016-6334

CVSS3: 6.1
nvd
почти 9 лет назад

Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links.

github логотип

GHSA-9276-9qp2-vqp8

CVSS3: 6.1
github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links.