CVE-2005-3165

EPSS 0.27%

Published: 10/6/2005Modified: 4/28/2026

Also known as:DEBIAN-CVE-2005-3165

Description

Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via (1) <math> tags or (2) Extension or <nowiki> sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet Explorer clients.

Affected packages (1)

Debian/mediawikifrom 0, < 1.4.9

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-3165