Description

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links.

Remediation

References

CVE-2006-1498

Related Vulnerabilities

Payara URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-7312)

MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-42040)

Joomla Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2007-4190)

Oracle Database Server Resource Management Errors Vulnerability (CVE-2007-5506)

WordPress Plugin Dexs PM System Cross-Site Scripting (1.0.1)

Severity

Medium

Classification

CVE-2006-1498

Tags

Missing Update Known Vulnerabilities