Description

Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2007-4828

Related Vulnerabilities

Apache Traffic Server Out-of-bounds Write Vulnerability (CVE-2021-35474)

WordPress Plugin Discount Rules for WooCommerce Multiple Vulnerabilities (2.0.2)

Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12028)

WordPress Plugin Logo Slider and Showcase Security Bypass (1.3.36)

WordPress Plugin All Category SEO Updater Cross-Site Scripting (0.2.7)

Severity

Medium

Classification

CVE-2007-4828 CWE-707

Tags

Missing Update Known Vulnerabilities