Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6453

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-6453
Last Modified 31 Dec 2012 12:00:00
Published 31 Dec 2012 06:50:28
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-6453

Summary

Cross-site scripting (XSS) vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed.

Vulnerable Systems

Application

  • Mediawiki Rssreader 0.2

  • Mediawiki Rssreader 0.2.1

  • Mediawiki Rssreader 0.2.2

  • Mediawiki Rssreader 0.2.3

  • Mediawiki Rssreader 0.2.4

  • Mediawiki Rssreader 0.2.5


References

CONFIRM - http://www.mediawiki.org/wiki/Extension:RSS_Reader#0.2.6

CONFIRM - http://bugs.debian.org/696179


Last Updated: 27 May 2016 11:01:30