Description

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates.

Remediation

References

CVE-2005-1888

Related Vulnerabilities

WordPress Plugin WP Marketplace TimThumb Arbitrary File Upload (1.1.0)

IBM WebSEAL Insertion of Sensitive Information into Log File Vulnerability (CVE-2017-1480)

WordPress Plugin Tune Library 'letter' Parameter SQL Injection (1.5.1)

MediaWiki Insecure Storage of Sensitive Information Vulnerability (CVE-2021-36127)

WordPress Credentials Management Errors Vulnerability (CVE-2016-5838)

Severity

Medium

Classification

CVE-2005-1888

Tags

Missing Update Known Vulnerabilities