CVE-2013-4568

Опубликовано: 13 дек. 2013

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

Описание

Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain non-ASCII characters in CSS, as demonstrated using variations of "expression" containing (1) full width characters or (2) IPA extensions, which are converted and rendered by Internet Explorer.

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [1:1.19.14+dfsg-1]]
lucid	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was needed
quantal	ignored	end of life
raring	ignored	end of life
saucy	ignored	end of life
trusty	not-affected	1:1.19.14+dfsg-1
trusty/esm	DNE	trusty was not-affected [1:1.19.14+dfsg-1]

Показывать по

Ссылки на источники

EPSS

Процентиль: 65%

0.00497

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2013-4568

nvd

около 12 лет назад

CVE-2013-4568

debian

около 12 лет назад

Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki ...

GHSA-gx65-cr9q-7fgc

github

больше 3 лет назад

EPSS

Процентиль: 65%

0.00497

Низкий

4.3 Medium

CVSS2

CVE-2013-4568

Описание

Пакет mediawiki

Ссылки на источники

Связанные уязвимости