Описание
Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1:1.15.1-1ubuntu2 |
| hardy | not-affected | 1:1.11.2-2ubuntu0.4 |
| intrepid | not-affected | 1:1.12.0-2ubuntu0.4 |
| jaunty | not-affected | 1:1.13.3-1ubuntu2.1 |
| karmic | not-affected | 1:1.15.0-1.1 |
| upstream | released | 1.14.1, 1.15.1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter.
Cross-site scripting (XSS) vulnerability in the Special:Block implemen ...
Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter.
EPSS
4.3 Medium
CVSS2