Description

Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2007-4828

Related Vulnerabilities

XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-29203)

WordPress Plugin Developer Tools Arbitrary File Upload (1.1.4)

WordPress Plugin Erident Custom Login and Dashboard Cross-Site Request Forgery (3.4.1)

Drupal Core Multiple Vulnerabilities (8.0.0 - 9.1.15)

Oracle Database Server CVE-2016-0472 Vulnerability (CVE-2016-0472)

Severity

Medium

Classification

CVE-2007-4828 CWE-707

Tags

Missing Update Known Vulnerabilities