Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2014-08-22T17:00:00
Updated: 2024-08-06T11:41:48.075Z
Reserved: 2014-08-14T00:00:00
Link: CVE-2014-5242

No data.

Status : Modified
Published: 2014-08-22T17:55:02.860
Modified: 2024-11-21T02:11:40.970
Link: CVE-2014-5242

No data.