Description

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888.

Remediation

References

CVE-2005-2215

Related Vulnerabilities

Python Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-1000802)

Mailman Other Vulnerability (CVE-2004-1143)

Atlassian Jira CVE-2020-4029 Vulnerability (CVE-2020-4029)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Request Forgery (2.7.7)

Drupal Core 8.9.x Arbitrary File Overwrite (8.9.0 - 8.9.12)

Severity

Medium

Classification

CVE-2005-2215

Tags

Missing Update Known Vulnerabilities