CVE-2010-2788

EPSS 0.68%

Published: 4/27/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-2788

Description

Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.

Affected packages (1)

Debian/mediawikifrom 0, < 1:1.15.5-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-2788