MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-03-31T17:35:00

Updated: 2024-08-07T01:14:06.657Z

Reserved: 2010-03-30T00:00:00

Link: CVE-2010-1189

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-03-31T18:00:00.593

Modified: 2010-05-20T05:49:24.860

Link: CVE-2010-1189

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-03-08T00:00:00Z

Links: CVE-2010-1189 - Bugzilla