Description

Cross-site scripting (XSS) vulnerability in the Hovercards extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors related to text extracts.

Remediation

References

CVE-2014-9480

Related Vulnerabilities

WordPress Plugin Modula Image Gallery Cross-Site Scripting (1.3.5)

WordPress Plugin Preview E-mails for WooCommerce Cross-Site Scripting (1.6.8)

PHP Improper Input Validation Vulnerability (CVE-2015-8879)

MySQL CVE-2016-3521 Vulnerability (CVE-2016-3521)

ownCloud CVE-2014-9047 Vulnerability (CVE-2014-9047)

Severity

Medium

Classification

CVE-2014-9480 CWE-707

Tags

Missing Update Known Vulnerabilities