Vulnerabilities > Mediawiki > Mediawiki > 1.6.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-07 | CVE-2006-2895 | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to inject arbitrary HTML and web script via the edit form. | 2.6 |
2006-05-26 | CVE-2006-2611 | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | (pipe) character. network mediawiki | 4.3 |