CVE-2011-0047 Information
Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments aka \CSS injection vulnerability.\
Reference
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058910.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-February/000095.html http://osvdb.org/70770 http://secunia.com/advisories/43142 http://www.securityfocus.com/bid/46108 http://www.vupen.com/english/advisories/2011/0273 https://bugzilla.wikimedia.org/show_bug.cgi?id=27093 https://exchange.xforce.ibmcloud.com/vulnerabilities/65126
Share on: