Description

Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the page move template.

Remediation

References

CVE-2005-2396

Related Vulnerabilities

Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2513)

WordPress Plugin Timeline Event History PHP Object Injection (3.1)

MySQL CVE-2017-10365 Vulnerability (CVE-2017-10365)

WordPress Plugin GiveWP-Donation and Fundraising Platform Security Bypass (2.5.4)

WordPress Plugin Powerplay Gallery 'upload.php' Arbitrary File Upload (3.2)

Severity

Medium

Classification

CVE-2005-2396

Tags

Missing Update Known Vulnerabilities