Description

Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) strings that are processed as script by Internet Explorer.

Remediation

References

CVE-2010-1647

Related Vulnerabilities

Oracle Database Server Other Vulnerability (CVE-2007-2130)

WordPress Plugin Admin Custom Login Cross-Site Request Forgery (3.2.7)

Opencart Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3990)

Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5741)

Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)

Severity

Medium

Classification

CVE-2010-1647 CWE-707

Tags

Missing Update Known Vulnerabilities