MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-08-22T17:00:00
Updated: 2024-08-06T11:41:48.324Z
Reserved: 2014-08-14T00:00:00
Link: CVE-2014-5243
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-08-22T17:55:02.907
Modified: 2017-01-07T03:00:27.243
Link: CVE-2014-5243
Redhat
No data.