MediaWiki HTML Inline Style Attributes Unspecified Cross-Site Scripting Vulnerability Solution:
The vendor has released upgrades; versions 1.4.11 and 1.5.0 are available.
SUSE Linux has released Security Summary Report SUSE-SR:2005:027 to address this, and other issues in various SUSE products. Please see the referenced advisory for further information.
Update: The vendor has released versions 1.4.12 and 1.5.3 to further address this issue. Further corrections have been made, therefore versions 1.4.11 and 1.5.0 are considered to be incomplete fixes.
SUSE Linux has released Security Summary Report SUSE-SR:2005:029 to address this, and other issues in various SUSE products. The fixes in this Summary Report are the ones included in MediaWiki 1.4.12. Please see the referenced advisory for further information.
MediaWiki MediaWiki 1.3
MediaWiki MediaWiki 1.3.1
MediaWiki MediaWiki 1.3.10
MediaWiki MediaWiki 1.3.11
MediaWiki MediaWiki 1.3.13
MediaWiki MediaWiki 1.3.2
MediaWiki MediaWiki 1.3.3
MediaWiki MediaWiki 1.3.4
MediaWiki MediaWiki 1.3.5
MediaWiki MediaWiki 1.3.6
MediaWiki MediaWiki 1.3.7
MediaWiki MediaWiki 1.3.8
MediaWiki MediaWiki 1.3.9
MediaWiki MediaWiki 1.4 beta2
MediaWiki MediaWiki 1.4 beta6
MediaWiki MediaWiki 1.4 beta5
MediaWiki MediaWiki 1.4 beta3
MediaWiki MediaWiki 1.4 beta4
MediaWiki MediaWiki 1.4 beta1
MediaWiki MediaWiki 1.4.1
MediaWiki MediaWiki 1.4.10
MediaWiki MediaWiki 1.4.11
MediaWiki MediaWiki 1.4.2
MediaWiki MediaWiki 1.4.3
MediaWiki MediaWiki 1.4.5
MediaWiki MediaWiki 1.4.6
MediaWiki MediaWiki 1.4.7
MediaWiki MediaWiki 1.4.8
MediaWiki MediaWiki 1.4.9
MediaWiki MediaWiki 1.5 beta3
MediaWiki MediaWiki 1.5 beta2
MediaWiki MediaWiki 1.5 alpha2
MediaWiki MediaWiki 1.5 beta1
MediaWiki MediaWiki 1.5 alpha1
MediaWiki MediaWiki 1.5 .0
MediaWiki MediaWiki 1.5.1
MediaWiki MediaWiki 1.5.2
