Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | (pipe) character.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-05-26T01:00:00

Updated: 2024-08-07T17:58:51.837Z

Reserved: 2006-05-25T00:00:00

Link: CVE-2006-2611

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-05-26T01:06:00.000

Modified: 2024-11-21T00:11:40.897

Link: CVE-2006-2611

cve-icon Redhat

No data.