Description

Cross-site scripting (XSS) vulnerability in the BotQuery extension in MediaWiki 1.7.x and earlier before SVN 20070910 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a similar issue to CVE-2007-4828.

Remediation

References

CVE-2007-4883

Related Vulnerabilities

phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15732)

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2007-4652)

WordPress Plugin GorillaForms-Custom Contact Forms Unspecified Vulnerability (2.0.3)

Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39114)

Drupal Core 8.8.x Cross-Site Request Forgery (8.8.0 - 8.8.7)

Severity

Medium

Classification

CVE-2007-4883 CWE-707

Tags

Missing Update Known Vulnerabilities