CVE-2005-4501
EPSS 0.57%發布日:2005/12/22修改日:2026/4/28
描述
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.
受影響套件(1)
- Debian/mediawikifrom 0, < 1.4.13-1