Description

Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.

Remediation

References

CVE-2004-2152

Related Vulnerabilities

WordPress Plugin Yandex Money button Cross-Site Scripting (2.3.3)

PHP Other Vulnerability (CVE-2007-3790)

WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4)

WordPress Plugin Count per Day 'userperspan.php' Multiple Cross-Site Scripting Vulnerabilities (3.1.1)

Oracle Database Server CVE-2014-6542 Vulnerability (CVE-2014-6542)

Severity

Medium

Classification

CVE-2004-2152

Tags

Missing Update Known Vulnerabilities