Back to search
CVE-2005-4501
Published: Dec 22, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.mediawiki.org/wiki/Download
x_refsource_CONFIRM
ADV-2005-3059
vdb-entry
x_refsource_VUPEN
18219
third-party-advisory
x_refsource_SECUNIA
mediawiki-placeholder-bypass-security(23882)
vdb-entry
x_refsource_XF
SUSE-SR:2006:003
vendor-advisory
x_refsource_SUSE
16032
vdb-entry
x_refsource_BID
18717
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now