CVE-2013-6452 in MediaWikiinfo

Summary

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via crafted XSL in an SVG file.

Reservation

11/04/2013

Disclosure

05/12/2014

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
12046	MediaWiki Upload XmlTypeCheck.php Stored cross site scripting	79	Proof-of-Concept	Official fix	CVE-2013-6452

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸