Candidate: CVE-2009-0737
PublicDate: 2009-02-25 20:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0737
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in the web-based
 installer (config/index.php) in MediaWiki 1.6 before 1.6.12, 1.12 before
 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow
 remote attackers to inject arbitrary web script or HTML via unspecified
 vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_mediawiki:
upstream_mediawiki: needs-triage
dapper_mediawiki: ignored (reached end-of-life)
gutsy_mediawiki: needs-triage (reached end-of-life)
hardy_mediawiki: released (1:1.11.2-2ubuntu0.3)
intrepid_mediawiki: released (1:1.12.0-2ubuntu0.3)
jaunty_mediawiki: released (1:1.13.3-1ubuntu2)
karmic_mediawiki: released (1:1.13.3-1ubuntu2)
devel_mediawiki: released (1:1.13.3-1ubuntu2)