MediaWiki 'CSS validation' Information Disclosure Vulnerability

MediaWiki is prone to an information-disclosure vulnerability because it fails to properly restrict the posting of remote images.

An attacker can exploit this vulnerability to have users view remote images, which may aid in further attacks.

Versions prior to MediaWiki 1.15.2 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus