Description

Cross-site scripting (XSS) vulnerability in the Hovercards extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors related to text extracts.

Remediation

References

CVE-2014-9480

Related Vulnerabilities

Moodle Missing Authorization Vulnerability (CVE-2024-48898)

MediaWiki Other Vulnerability (CVE-2005-0536)

Oracle HTTP Server CVE-2022-21375 Vulnerability (CVE-2022-21375)

WordPress Plugin GiveWP-Donation and Fundraising Platform PHP Object Injection (2.3.0)

WordPress Plugin WebLibrarian Cross-Site Scripting (3.4.8.6)

Severity

Medium

Classification

CVE-2014-9480 CWE-707

Tags

Missing Update Known Vulnerabilities