CVE-2009-4589

EPSS 0.39%

Published: 1/7/2010Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-4589

Description

Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter.

Affected packages (1)

Debian/mediawikifrom 0, < 1:1.15.0-1.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-4589