Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-02-21T23:00:00
Updated: 2024-08-07T12:43:22.463Z
Reserved: 2007-02-21T00:00:00
Link: CVE-2007-1055
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-02-21T23:28:00.000
Modified: 2024-11-21T00:27:23.910
Link: CVE-2007-1055
Redhat
No data.