Description

Cross-site scripting (XSS) vulnerability in the BotQuery extension in MediaWiki 1.7.x and earlier before SVN 20070910 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a similar issue to CVE-2007-4828.

Remediation

References

CVE-2007-4883

Related Vulnerabilities

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13672)

WordPress Plugin Store Locator Plus for WordPress Cross-Site Scripting (5.5.15)

WordPress Plugin WP Symposium Arbitrary File Upload (14.11)

Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-17898)

WordPress Plugin Advanced Custom Fields:Table Field Cross-Site Scripting (1.1.12)

Severity

Medium

Classification

CVE-2007-4883 CWE-707

Tags

Missing Update Known Vulnerabilities