CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2185

Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.9%

CVSS Severity

CVSS v2 Score 6.8

References

http://sourceforge.net/project/shownotes.php?release_id=275099
http://www.securityfocus.com/bid/11416
http://sourceforge.net/project/shownotes.php?release_id=275099
http://www.securityfocus.com/bid/11416

Products affected by CVE-2004-2185

Mediawiki » Mediawiki » Version: 1.3.5

cpe:2.3:a:mediawiki:mediawiki:1.3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2185

Products

Pricing

Contact Us