Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote malicious users to inject arbitrary web script or HTML via the ip parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawik i1.15.0 |
||
mediawiki mediawiki 1.14.0 |