Summary
This host is installed with the Listings extension
for MediaWiki and is prone to a cross-site scripting vulnerability.
Impact
Successful exploitation will allow a
remote attacker to execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.
Impact Level: Application
Solution
Upgrade to Listings extension version 1.2.0
or later. For updates refer to http://www.mediawiki.org/wiki/Extension:Listings
Insight
The flaw exists because input passed via the
'name' or 'url' POST parameter to the Listings extension is not validated or HTML-encoded before being returned to users, so attacker-controlled markup is rendered in the page.
Affected
Listings extension versions before 1.2.0 for MediaWiki
Detection
Send a crafted HTTP POST request
carrying a script payload in the 'name' or 'url' parameter and check whether the payload is reflected unescaped in the response, i.e. whether a script able to read the cookie would be executed.
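The following is an added example, not code from the advisory, the scanner, or the Listings extension itself. It implements the probe the Insight and Detection sections describe: it builds the crafted POST for an assumed target URL (the advisory gives no concrete endpoint), then classifies a response body as reflecting the payload raw (vulnerable), HTML-escaped (fixed), or not at all. The two sample responses are constructed for illustration and were not captured from a real server.

```python
"""Reflected-XSS probe of the kind described under Detection.

Added example; target URL, parameter handling and sample responses are
assumptions, not details taken from the advisory or the extension.
"""
import html
import urllib.parse
import urllib.request

# Probe payload: a marker that, if reflected raw, would execute and read the cookie.
PROBE = '<script>alert(document.cookie)</script>'


def build_post_request(target_url: str, params=("name", "url")) -> urllib.request.Request:
    """Build the crafted POST, placing PROBE in each affected parameter.

    target_url is a placeholder for the wiki page that renders the Listings
    extension (assumed; the advisory names no path).
    """
    body = urllib.parse.urlencode({p: PROBE for p in params}).encode()
    return urllib.request.Request(
        target_url,
        data=body,
        method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def is_reflected_unescaped(body: str, payload: str = PROBE) -> bool:
    """True when the raw payload appears in the body, i.e. it was returned
    without HTML encoding. An escaped copy (&lt;script&gt;...) is not a finding."""
    return payload in body


def classify(body: str, payload: str = PROBE) -> str:
    """Distinguish a vulnerable reflection from a properly encoded one."""
    if payload in body:
        return "vulnerable"
    if html.escape(payload) in body:
        return "escaped"
    return "not reflected"


def probe(target_url: str, params=("name", "url"),
          opener=urllib.request.urlopen, timeout: int = 10) -> str:
    """Send the crafted POST and classify the response. `opener` can be
    replaced with a stub for offline testing."""
    req = build_post_request(target_url, params)
    with opener(req, timeout=timeout) as resp:
        body = resp.read().decode("utf-8", errors="replace")
    return classify(body)


# Constructed sample responses (assumed markup, not real extension output):
# an unpatched page echoing the 'name' value raw, and a patched page encoding it.
VULNERABLE_RESPONSE = '<div class="listing"><a href="http://x">' + PROBE + '</a></div>'
FIXED_RESPONSE = '<div class="listing"><a href="http://x">' + html.escape(PROBE) + '</a></div>'


if __name__ == "__main__":
    for label, body in (("unpatched", VULNERABLE_RESPONSE), ("patched", FIXED_RESPONSE)):
        print(label, "->", classify(body))
```

The substring check is deliberately simple: a raw reflection inside an HTML comment or a `<textarea>` would also match yet not execute, so a positive result should be confirmed in a browser, and an escaped reflection (`&lt;script&gt;`) is the behaviour expected from 1.2.0 and later.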
References
Severity
Classification
CVE: CVE-2014-9477
CVSS Base Score: 4.3
CVSS Base Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
- Admidio get_file.php Remote File Disclosure Vulnerability
- Apache Archiva Cross Site Request Forgery Vulnerability
- Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities