Описание
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:1.15.5-10 |
| hardy | not-affected | |
| lucid | not-affected | |
| natty | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| upstream | released | 1:1.19.1-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
Cross-site scripting (XSS) vulnerability in the outputPage function in ...
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
EPSS
4.3 Medium
CVSS2