Skip to main content

CVE-2005-4501

Severity Medium
Score 4.3/10

Summary

MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.

  • MEDIUM
  • NETWORK
  • NONE
  • PARTIAL
  • NONE
  • NONE

References

Advisory Timeline

  • Published