CVE-2010-1647

Publication date 8 June 2010

Last updated 24 July 2024


Ubuntu priority

Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) strings that are processed as script by Internet Explorer.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
mediawiki 10.04 LTS lucid
Fixed 1:1.15.1-1ubuntu2.1
9.10 karmic
Fixed 1:1.15.0-1.1ubuntu0.3
9.04 jaunty
Fixed 1:1.13.3-1ubuntu2.3
8.04 LTS hardy
Fixed 1:1.11.2-2ubuntu0.6
6.06 LTS dapper Ignored end of life

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
mediawiki