CVE-2005-1888
MediaWiki < 1.4.5 - Cross-Site Scripting via HTML Attributes in Page Templates
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_19_sr.html
Patch, Vendor Advisory x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=332231
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13861
Scores
EPSS
0.0036
EPSS Percentile
58.6%
Details
Status
published
Products (20)
mediawiki/mediawiki
1.3
mediawiki/mediawiki
1.3.1
mediawiki/mediawiki
1.3.2
mediawiki/mediawiki
1.3.3
mediawiki/mediawiki
1.3.4
mediawiki/mediawiki
1.3.5
mediawiki/mediawiki
1.3.6
mediawiki/mediawiki
1.3.7
mediawiki/mediawiki
1.3.8
mediawiki/mediawiki
1.3.9
... and 10 more
Published
Jun 06, 2005
Tracked Since
Feb 18, 2026