Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php) in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-02-25T20:00:00

Updated: 2024-08-07T04:48:51.639Z

Reserved: 2009-02-25T00:00:00

Link: CVE-2009-0737

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-02-25T20:30:02.483

Modified: 2009-10-14T05:22:01.267

Link: CVE-2009-0737

cve-icon Redhat

Severity : Low

Publid Date: 2009-07-01T00:00:00Z

Links: CVE-2009-0737 - Bugzilla