CVE-2005-2215

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.4.6 MediaWiki versions 1.5 prior to 1.5beta3

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template.

Recommendations: For MediaWiki versions prior to 1.4.6, update to version 1.4.6 or later. For MediaWiki versions 1.5 prior to 1.5beta3, update to version 1.5beta3 or later.