MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-08-22T17:00:00

Updated: 2024-08-06T11:41:48.324Z

Reserved: 2014-08-14T00:00:00

Link: CVE-2014-5243

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-08-22T17:55:02.907

Modified: 2017-01-07T03:00:27.243

Link: CVE-2014-5243

cve-icon Redhat

No data.