Description

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates.

Remediation

References

CVE-2005-1888

Related Vulnerabilities

Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29718)

ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-7201)

WordPress Plugin Simple Events Calendar Multiple Vulnerabilities (1.3.5)

MediaWiki CVE-2021-45471 Vulnerability (CVE-2021-45471)

b2evolution Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-8901)

Severity

Medium

Classification

CVE-2005-1888

Tags

Missing Update Known Vulnerabilities