Brion Vibber

Researcher fromWikimedia
#30485of 53,633
8.6Total CVSS
Vulnerabilities · 2
Medium
2
PT-2008-2092
4.3
2008-01-25
Wikimedia Foundation · Mediawiki · CVE-2008-0460
**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.11.0rc1 and earlier, specifically versions 1.11 through 1.11.0rc1, 1.10 through 1.10.2, 1.9 through 1.9.4, and 1.8 MediaWiki BotQuery extension for MediaWiki 1.7 and earlier **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors when Internet Explorer is used. **Recommendations** For MediaWiki versions 1.11 through 1.11.0rc1, update to a version later than 1.11.0rc1. For MediaWiki versions 1.10 through 1.10.2, update to a version later than 1.10.2. For MediaWiki versions 1.9 through 1.9.4, update to a version later than 1.9.4. For MediaWiki version 1.8, update to a version later than 1.8. For the BotQuery extension in MediaWiki 1.7 and earlier, consider disabling the extension until a patch is available.
PT-2006-2506
4.3
2006-03-30
Mediawiki · Mediawiki · CVE-2006-1498
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.5.8 MediaWiki versions prior to 1.4.15 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via crafted encoded links. Recommendations: For versions prior to 1.5.8, update to version 1.5.8 or later. For versions prior to 1.4.15, update to version 1.4.15 or later.