CVE-2015-2932

EPSS 0.28%

發布日:2015/4/13修改日:2026/4/28

也稱為:DEBIAN-CVE-2015-2932

描述

Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element.

受影響套件(1)

Debian/mediawikifrom 0, < 1:1.19.20+dfsg-2.3

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-2932