Security Advisory

CVE-2012-1582

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-09-09 21:00:00

Last updated 2024-08-06 19:01:02

Assigner redhat

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to inject arbitrary web script or HTML via a crafted page with "forged strip item markers," as demonstrated using the CharInsert extension.

← Browse all CVEs View on cve.org ↗