CVE-2014-2242 Information
Description
includes/upload/UploadBase.php in MediaWiki before 1.19.12 1.20.x and 1.21.x before 1.21.6 and 1.22.x before 1.22.3 does not prevent use of invalid namespaces in SVG files which allows remote attackers to conduct cross-site scripting (XSS) attacks via an SVG upload as demonstrated by use of a W3C XHTML namespace in conjunction with an IFRAME element.
Reference
http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-February/000141.html http://openwall.com/lists/oss-security/2014/02/28/1 http://openwall.com/lists/oss-security/2014/03/01/2 http://www.securityfocus.com/bid/65910 https://bugzilla.redhat.com/show_bug.cgi?id=1071135 https://bugzilla.wikimedia.org/show_bug.cgi?id=60771 https://gerrit.wikimedia.org/r//q/7d923a6b53f7fbcb0cbc3a19797d741bf6f440ebnz
Share on: