Vulnerabilities > CVE-2005-3165 - Unspecified vulnerability in Mediawiki

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mediawiki

NVD

Published: 2005-10-06

Updated: 2008-09-05

Summary

Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via (1) <math> tags or (2) Extension or <nowiki> sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet Explorer clients.

Vulnerable Configurations

Part	Description	Count
Application	Mediawiki Mediawiki Mediawiki 1.4.1 Mediawiki Mediawiki 1.4.8 Mediawiki Mediawiki 1.4.3 Mediawiki Mediawiki 1.4.2 Mediawiki Mediawiki 1.4_Beta6 Mediawiki Mediawiki 1.4_Beta3 Mediawiki Mediawiki 1.4_Beta4 Mediawiki Mediawiki 1.4.5 Mediawiki Mediawiki 1.4_Beta1 Mediawiki Mediawiki 1.4.6 Mediawiki Mediawiki 1.4_Beta2 Mediawiki Mediawiki 1.4_Beta5 Mediawiki Mediawiki 1.4.7	13

Summary

Vulnerable Configurations

References