MediaWiki HTML Inline Style Attributes Unspecified Cross-Site Scripting Vulnerability

Solution:
The vendor has released upgrades; versions 1.4.11 and 1.5.0 are available.

SUSE Linux has released Security Summary Report SUSE-SR:2005:027 to address this, and other issues in various SUSE products. Please see the referenced advisory for further information.

Update: The vendor has released versions 1.4.12 and 1.5.3 to further address this issue. Further corrections have been made, therefore versions 1.4.11 and 1.5.0 are considered to be incomplete fixes.

SUSE Linux has released Security Summary Report SUSE-SR:2005:029 to address this, and other issues in various SUSE products. The fixes in this Summary Report are the ones included in MediaWiki 1.4.12. Please see the referenced advisory for further information.


MediaWiki MediaWiki 1.3

MediaWiki MediaWiki 1.3.1

MediaWiki MediaWiki 1.3.10

MediaWiki MediaWiki 1.3.11

MediaWiki MediaWiki 1.3.13

MediaWiki MediaWiki 1.3.2

MediaWiki MediaWiki 1.3.3

MediaWiki MediaWiki 1.3.4

MediaWiki MediaWiki 1.3.5

MediaWiki MediaWiki 1.3.6

MediaWiki MediaWiki 1.3.7

MediaWiki MediaWiki 1.3.8

MediaWiki MediaWiki 1.3.9

MediaWiki MediaWiki 1.4 beta2

MediaWiki MediaWiki 1.4 beta6

MediaWiki MediaWiki 1.4 beta5

MediaWiki MediaWiki 1.4 beta3

MediaWiki MediaWiki 1.4 beta4

MediaWiki MediaWiki 1.4 beta1

MediaWiki MediaWiki 1.4.1

MediaWiki MediaWiki 1.4.10

MediaWiki MediaWiki 1.4.11

MediaWiki MediaWiki 1.4.2

MediaWiki MediaWiki 1.4.3

MediaWiki MediaWiki 1.4.5

MediaWiki MediaWiki 1.4.6

MediaWiki MediaWiki 1.4.7

MediaWiki MediaWiki 1.4.8

MediaWiki MediaWiki 1.4.9

MediaWiki MediaWiki 1.5 beta3

MediaWiki MediaWiki 1.5 beta2

MediaWiki MediaWiki 1.5 alpha2

MediaWiki MediaWiki 1.5 beta1

MediaWiki MediaWiki 1.5 alpha1

MediaWiki MediaWiki 1.5 .0

MediaWiki MediaWiki 1.5.1

MediaWiki MediaWiki 1.5.2


 

Privacy Statement
Copyright 2010, SecurityFocus