Description

Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation (JSON) formatted results.

Remediation

References

CVE-2008-1318

Related Vulnerabilities

Citrix ADC NetScaler Local File Inclusion (CVE-2020-8193)

WordPress Plugin Greg's High Performance SEO Cross-Site Scripting (1.6.1)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.0.9)

WordPress Ultimate Member Plugin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-1209)

e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2750)

Severity

Medium

Classification

CVE-2008-1318 CWE-200

Tags

Missing Update Known Vulnerabilities