Mediawiki: >> Mediawiki >> 1.15.3 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) strings that are processed as script by Internet Explorer.
CVSS Score
4.3
EPSS Score
0.002
Published
2010-06-08
Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwords, related to the Special:Userlogin form.
CVSS Score
6.8
EPSS Score
0.001
Published
2010-06-08
Page 28