| Max CVSS | 5.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-1578 | 4.3 |
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at
|
23-07-2021 - 12:16 | 27-04-2011 - 00:55 | |
| CVE-2011-1579 | 5.8 |
The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or
|
17-08-2017 - 01:34 | 27-04-2011 - 00:55 | |
| CVE-2011-1580 | 3.5 |
The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request.
|
17-08-2017 - 01:34 | 27-04-2011 - 00:55 |