CVE-2007-4883
MediaWiki 1.7.x and earlier - Cross-Site Scripting via BotQuery Extension
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the BotQuery extension in MediaWiki 1.7.x and earlier before SVN 20070910 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a similar issue to CVE-2007-4828.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37336
Patch mailing-list
x_refsource_mlist
http://lists.wikimedia.org/pipermail/mediawiki-announce/2007-September/000067.html
Scores
EPSS
0.0029
EPSS Percentile
52.3%
Details
CWE
CWE-79
Status
published
Products (4)
mediawiki/mediawiki
1.7.0
mediawiki/mediawiki
1.7.1
mediawiki/mediawiki
1.7.2
mediawiki/mediawiki
1.7.3
Published
Sep 14, 2007
Tracked Since
Feb 18, 2026