Kuriaki Takashi

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.15 before 1.15.4 MediaWiki versions 1.16 before 1.16 beta 3 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) strings that are processed as script by Internet Explorer. **Recommendations** For MediaWiki versions 1.15 before 1.15.4, update to version 1.15.4 or later. For MediaWiki versions 1.16 before 1.16 beta 3, update to version 1.16 beta 3 or later.