Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-04-27T00:00:00

Updated: 2024-08-07T02:46:48.051Z

Reserved: 2010-07-22T00:00:00

Link: CVE-2010-2788

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-04-27T00:55:01.740

Modified: 2011-09-07T03:10:05.427

Link: CVE-2010-2788

cve-icon Redhat

No data.