Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-1054HistoryFeb 21, 2007 - 11:28 p.m.
CVE-2007-1054
2007-02-2123:28:00
Debian Security Bug Tracker
security-tracker.debian.org
9
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.14 Low
EPSS
Percentile
95.7%
Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mediawiki | < 1.7.1-9 | mediawiki_1.7.1-9_all.deb |
| Debian | 11 | all | mediawiki | < 1.7.1-9 | mediawiki_1.7.1-9_all.deb |
| Debian | 999 | all | mediawiki | < 1.7.1-9 | mediawiki_1.7.1-9_all.deb |
| Debian | 13 | all | mediawiki | < 1.7.1-9 | mediawiki_1.7.1-9_all.deb |
Related
nvd
nvd
CVE-2007-1054
2007-02-21 23:28:00
fedora
fedora
[SECURITY] Fedora 7 Update: mediawiki-1.9.3-34.0.2.fc7
2007-08-06 17:56:22
cve
cve
CVE-2007-1054
2007-02-21 23:28:00
openvas
openvas
Fedora Update for mediawiki FEDORA-2007-1442
2009-02-27 00:00:00
Fedora Update for mediawiki FEDORA-2007-1442
2009-02-27 00:00:00
cvelist
cvelist
CVE-2007-1054
2007-02-21 23:00:00
prion
prion
Cross site scripting
2007-02-21 23:28:00
nessus
nessus
Fedora 7 : mediawiki-1.9.3-34.0.2.fc7 (2007-1442)
2007-11-06 00:00:00
securityvulns
securityvulns
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.14 Low
EPSS
Percentile
95.7%
Related for DEBIANCVE:CVE-2007-1054