ID de Prueba:	1.3.6.1.4.1.25623.1.0.900469
Categoría:	Web application abuses
Título:	MediaWiki 1.6.x < 1.6.12, 1.12.x < 1.12.4, 1.13.x < 1.13.4 Multiple XSS Vulnerabilities
Resumen:	MediaWiki is prone to multiple cross-site scripting (XSS); vulnerabilities.
Descripción:	Summary: MediaWiki is prone to multiple cross-site scripting (XSS) vulnerabilities. Vulnerability Insight: Multiple flaws are caused as the data supplied by the user via unspecified vectors is not adequately sanitised before being passed into the file 'config/index.php' of MediaWiki. Vulnerability Impact: Successful exploitation will let the attacker include arbitrary HTML or web scripts in the scope of the browser. This may lead to cross site scripting attacks and the attacker may gain sensitive information of the remote user or of the web application. Affected Software/OS: MediaWiki versions 1.6.x prior to 1.6.12, 1.12.x prior to 1.12.4 and 1.13.x prior to 1.13.4. Solution: Update to version 1.6.12, 1.12.4, 1.13.4 or later. CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0737 BugTraq ID: 33681 http://www.securityfocus.com/bid/33681 Debian Security Information: DSA-1901 (Google Search) http://www.debian.org/security/2009/dsa-1901 http://lists.wikimedia.org/pipermail/mediawiki-announce/2009-February/000083.html http://secunia.com/advisories/33881 http://www.vupen.com/english/advisories/2009/0368
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.