Vulnerabilities

CVE-2015-6730

by Fred · 01/09/2015

Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images."

Date published : 2015-09-01

http://www.securityfocus.com/bid/76334

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html

Similar

Tags: Cybersecurity Alert