Description

Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.19.23, 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before 1.24.1 allows remote authenticated users to inject arbitrary web script or HTML via a wikitext message.

Remediation

References

CVE-2014-9475

Related Vulnerabilities

MySQL CVE-2021-35635 Vulnerability (CVE-2021-35635)

WordPress Plugin Simple URLs-Link Cloaking, Product Displays, and Affiliate Link Management Multiple Vulnerabilities (114)

WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Cross-Site Scripting (1.13.39)

WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.3)

Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)

Severity

Low

Classification

CVE-2014-9475 CWE-707

Tags

Missing Update Known Vulnerabilities