Cross-site scripting (XSS) vulnerability in contrib/example.php in the SyntaxHighlight GeSHi extension for MediaWiki, possibly as downloaded before September 2013, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.20.6 |
||
mediawiki mediawiki 1.19.7 |
||
mediawiki mediawiki 1.21.1 |