CVE-2014-5242
Publication date 22 August 2014
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value.
Status
Package | Ubuntu Release | Status |
---|---|---|
mediawiki | 14.04 LTS trusty | Not in release |
Notes
Patch details
Package | Patch details |
---|---|
mediawiki |