MediaWiki Inline Style Attribute Security Check Bypass Vulnerability

info
discussion
exploit
solution
references

MediaWiki Inline Style Attribute Security Check Bypass Vulnerability

MediaWiki is prone to a vulnerability that may allow attackers to execute script code in a user's browser.

Security checks related to inline style attributes can be bypassed, facilitating injection of script code to be executed in a user's browser.

MediaWiki 1.5.3 is known to be vulnerable to this issue; other versions may be affected as well.