Summary: | www-apps/mediawiki <1.12.1 <1.13.2 XSS (CVE-2008-4408) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | craig, trapni, web-apps |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | ~4 [ebuild] | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
2008-10-02 16:19:03 UTC
*** Bug 239488 has been marked as a duplicate of this bug. *** Impact: XSS Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, and possibly other versions before 1.13.2 allows remote attackers to inject arbitrary web script or HTML via the useskin parameter to an unspecified component. mediawiki 1.12.1 and 1.13.2 are in the tree. Affected versions removed. Done. thanks, closing then. |