Vulnerabilities > CVE-2004-2152 - Unspecified vulnerability in Mediawiki

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mediawiki

nessus

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.

Vulnerable Configurations

Part	Description	Count
Application	Mediawiki Mediawiki Mediawiki 1.2.4 Mediawiki Mediawiki 1.2.1 Mediawiki Mediawiki 1.2.2 Mediawiki Mediawiki 1.2.5 Mediawiki Mediawiki 1.3.4 Mediawiki Mediawiki 1.2.6 Mediawiki Mediawiki 1.3.0 Mediawiki Mediawiki 1.1.0 Mediawiki Mediawiki 1.3.3 Mediawiki Mediawiki 1.2.3 Mediawiki Mediawiki 1.3.1 Mediawiki Mediawiki 1.2.0 Mediawiki Mediawiki 1.3.2	13

Nessus

NASL family	CGI abuses
NASL id	MEDIAWIKI_MULTIPLE_FLAWS.NASL
description	The remote host appears is running a version of MediaWiki prior to 1.3.11. It is, therefore, affected by various vulnerabilities, including some that allow an attacker to execute arbitrary PHP code on the remote host. Note that Nessus has not tested for these issues but has instead relied only on the application
last seen	2020-06-01
modified	2020-06-02
plugin id	18035
published	2005-04-13
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/18035
title	MediaWiki < 1.3.11 Multiple Remote Vulnerabilities

Summary

Vulnerable Configurations

Nessus

References