Description

Multiple cross-site scripting (XSS) vulnerabilities in the Listings extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) url parameter.

Remediation

References

CVE-2014-9477

Related Vulnerabilities

Java Unspesificed Vulnerability (CVE-2018-3136)

PostgreSQL Other Vulnerability (CVE-1999-0862)

Envoy Proxy Use After Free Vulnerability (CVE-2024-23322)

WordPress Plugin Are You a Human-The Fun Spam Blocker Cross-Site Scripting (1.4.32)

Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29508)

Severity

Medium

Classification

CVE-2014-9477 CWE-707

Tags

Missing Update Known Vulnerabilities