Description: A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site. Successful exploitation requires that MediaWiki has been configured to output through HTML Tidy. Solution: Update to version 1.3.12 or 1.4.2. http://sourceforge.net/project/showfiles.php?group_id=34373
web-apps please bump.
*** Bug 86470 has been marked as a duplicate of this bug. ***
Pls look at the metadata.xml.
I'm on it, gimme some time (same for 1.4.2) this weekend, please
all in the trees.
trapni: Please do not close security bugs until we stable-d and glsa-ed them :) x86, amd64: please test and mark stable mediawiki
1.3.12 is already stable: KEYWORDS="x86 amd64" i'm unsure about 1.4.12, should we mark it stable too? previous 1.4.x seem all to be ~arch
blubb: you're right, no more stabling needed, it's ready for GLSA voting :)
I'm using 1.4.x since beta on my gentoo systems, and now 1.4.2. all archs are x86 and my desktop is amd64, though, I can confirm, that I didn't get any oddy results yet. not marking fixed? hmm... sorry for that, I'll remember that for the next time :)
"Successful exploitation requires that MediaWiki has been configured to output through HTML Tidy" --> I suppose it's not the default --> C4? (specific config needed) --> I vote NO
from the release notes: == MediaWiki 1.4.2 == (released 2005-04-20) MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release series. A cross-site scripting injection vulnerability was discovered, which affects only MSIE clients and is only open if MediaWiki has been manually configured to run output through HTML Tidy ($wgUseTidy). Several other bugs are fixed in this release, see the changelog below. _____ voting NO therefor
Two NO votes -> Closing.
