Описание
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-0047
- https://bugzilla.wikimedia.org/show_bug.cgi?id=27093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65126
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058910.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html
- http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-February/000095.html
- http://osvdb.org/70770
- http://secunia.com/advisories/43142
- http://www.securityfocus.com/bid/46108
- http://www.vupen.com/english/advisories/2011/0273
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 al ...