Summary
This host is running MediaWiki and clickjacking information disclosure vulnerability.
Impact
Successful exploitation will let remote attackers to hijack the victim's click actions and possibly launch further attacks against the victim.
Impact level: Application
Solution
Upgrade to MediaWiki 1.16.1 or later,
For updates refer to http://www.mediawiki.org/wiki/Download
Insight
The flaw is caused by input validation errors when processing certain data via frames, which could allow clickjacking attacks.
Affected
MediaWiki version prior to 1.16.1
References
Severity
Classification
-
CVE CVE-2011-0003 -
CVSS Base Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N
Related Vulnerabilities