CVE-2004-2185
MediaWiki 1.3.5 - Cross-Site Scripting via Multiple Vectors
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.
References (2)
Core 2
Core References
Product x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=275099
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11416
Scores
EPSS
0.0200
EPSS Percentile
83.9%
Details
Status
published
Products (1)
mediawiki/mediawiki
1.3.5
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026