Vulnerability Details CVE-2004-2152
Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/12692/
- http://sourceforge.net/project/shownotes.php?group_id=34373&release_id=271848
- http://www.osvdb.org/10454
- http://www.securityfocus.com/bid/11302
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17578
- http://secunia.com/advisories/12692/
- http://sourceforge.net/project/shownotes.php?group_id=34373&release_id=271848
- http://www.osvdb.org/10454
- http://www.securityfocus.com/bid/11302
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17578
Products affected by CVE-2004-2152
-
cpe:2.3:a:mediawiki:mediawiki:1.1.0
-
cpe:2.3:a:mediawiki:mediawiki:1.2.0
-
cpe:2.3:a:mediawiki:mediawiki:1.2.1
-
cpe:2.3:a:mediawiki:mediawiki:1.2.2
-
cpe:2.3:a:mediawiki:mediawiki:1.2.3
-
cpe:2.3:a:mediawiki:mediawiki:1.2.4
-
cpe:2.3:a:mediawiki:mediawiki:1.2.5
-
cpe:2.3:a:mediawiki:mediawiki:1.2.6
-
cpe:2.3:a:mediawiki:mediawiki:1.3.0
-
cpe:2.3:a:mediawiki:mediawiki:1.3.1
-
cpe:2.3:a:mediawiki:mediawiki:1.3.2
-
cpe:2.3:a:mediawiki:mediawiki:1.3.3
-
cpe:2.3:a:mediawiki:mediawiki:1.3.4