CVE-2011-1579 in MediaWikithông tin

Tóm tắt

Bởi MITRE

The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information by using the \2f\2a and \2a\2f hex strings to surround CSS comments.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Đặt trước

05/04/2011

Tiết lộ

26/04/2011

Kiểm duyệt

được chấp nhận

mục

VDB-57258

CPE

sẵn sàng

CWE

CWE-20 (Đã xác nhận)

CVSS

5.8 (NVD)

EPSS

0.01917

KEV

không

Các hoạt động

rất thấp

ngành

Lawfirm, Hostingprovider, ...

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1579
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1579
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1579/

◂ Trước Tổng Quan Tiếp theo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!