Description

Multiple cross-site scripting (XSS) vulnerabilities in the Listings extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) url parameter.

Remediation

References

CVE-2014-9477

Related Vulnerabilities

WordPress Plugin WPMktgEngine Security Bypass (3.7.6)

MySQL CVE-2022-21417 Vulnerability (CVE-2022-21417)

WordPress Plugin OneSignal-Web Push Notifications Cross-Site Scripting (1.17.7)

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.2.0.727)

WordPress Plugin FooBox Image Lightbox Security Bypass (2.6.3)

Severity

Medium

Classification

CVE-2014-9477 CWE-707

Tags

Missing Update Known Vulnerabilities