Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)
« Joomla Restaurante Component File Upload Vulnerability
Joomla NeoRecruit Component SQL Injection »

MediaWiki XSS

Published by David September 21st, 2007 in Cross Site Scripting and Remote Command Execution.

Application: MediaWiki
Affected Version:
MediaWiki 1.11 < = 1.11.0rc1
MediaWiki 1.10 <= 1.10.1
MediaWiki 1.9 <= 1.9.3
MediaWiki 1.8 <= 1.8.4 (if $wgEnableAPI has been switched on)
Vendor’s URL: MediaWiki HomePage
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.11.0, 1.10.2, 1.9.4, or 1.8.5.

0 Responses to “MediaWiki XSS”

Feed for this Entry Trackback Address
  1. No Comments

Leave a Reply

You must login to post a comment.

« Joomla Restaurante Component File Upload Vulnerability
Joomla NeoRecruit Component SQL Injection »

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional