← Volver a CVEs
CVE-2012-2698
N/ADescripcion
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado6/29/2012
Ultima modificacion4/29/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
mediawiki:mediawiki
Debilidades (CWE)
CWE-79
Referencias
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-June/000116.html(secalert@redhat.com)
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-June/000117.html(secalert@redhat.com)
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-June/000118.html(secalert@redhat.com)
http://secunia.com/advisories/49484(secalert@redhat.com)
http://securitytracker.com/id?1027179(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/06/14/2(secalert@redhat.com)
http://www.osvdb.org/82983(secalert@redhat.com)
https://bugzilla.wikimedia.org/show_bug.cgi?id=36938(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/76311(secalert@redhat.com)
https://gerrit.wikimedia.org/r/#/c/7979/1/includes/SkinTemplate.php(secalert@redhat.com)
https://www.mediawiki.org/wiki/Release_notes/1.17(secalert@redhat.com)
https://www.mediawiki.org/wiki/Release_notes/1.18(secalert@redhat.com)
https://www.mediawiki.org/wiki/Release_notes/1.19(secalert@redhat.com)
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-June/000116.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-June/000117.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-June/000118.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/49484(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1027179(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/06/14/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/82983(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.wikimedia.org/show_bug.cgi?id=36938(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/76311(af854a3a-2127-422b-91ae-364da2661108)
https://gerrit.wikimedia.org/r/#/c/7979/1/includes/SkinTemplate.php(af854a3a-2127-422b-91ae-364da2661108)
https://www.mediawiki.org/wiki/Release_notes/1.17(af854a3a-2127-422b-91ae-364da2661108)
https://www.mediawiki.org/wiki/Release_notes/1.18(af854a3a-2127-422b-91ae-364da2661108)
https://www.mediawiki.org/wiki/Release_notes/1.19(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.