Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
https://bugzilla.wikimedia.org/show_bug.cgi?id=27094 https://bugzilla.wikimedia.org/show_bug.cgi?id=27093 http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/RELEASE-NOTES http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-February/000095.html http://www.vuxml.org/freebsd/8d04cfbd-344d-11e0-8669-0025222482c5.html
Insight
The following package is affected: mediawiki
CVE-2011-0047
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka 'CSS injection vulnerability.'
Severity
Classification
-
CVE CVE-2011-0047 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities