aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml
diff options
context:
space:
mode:
authorremko <remko@FreeBSD.org>2006-04-06 03:02:44 +0800
committerremko <remko@FreeBSD.org>2006-04-06 03:02:44 +0800
commitf9d17ad4ba7400ab8301a84dca57da6efa298a7c (patch)
treeb6fe368208cdf70680f5b2c2f92b70d7514e4dbf /security/vuxml
parenta81d75d062a0c41c3e719cb8b945536a23572ca9 (diff)
downloadfreebsd-ports-gnome-f9d17ad4ba7400ab8301a84dca57da6efa298a7c.tar.gz
freebsd-ports-gnome-f9d17ad4ba7400ab8301a84dca57da6efa298a7c.tar.zst
freebsd-ports-gnome-f9d17ad4ba7400ab8301a84dca57da6efa298a7c.zip
Document mediawiki -- cross site scripting vulnerability.
Diffstat (limited to 'security/vuxml')
-rw-r--r--security/vuxml/vuln.xml30
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index e43c76bdc240..d9019782dd39 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="74b7403c-c4d5-11da-b2fb-000e0c2e438a">
+ <topic>mediawiki -- cross site scripting vulnerability</topic>
+ <affects>
+ <package>
+ <name>mediawiki</name>
+ <range><ge>1.4</ge><lt>1.4.14</lt></range>
+ <range><ge>1.5</ge><lt>1.5.7</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The mediawiki development team reports that there is an
+ site scripting vulnerability within mediawiki. The
+ vulnerability is caused by improper checking of encoded
+ links which could allow the injection of html in the output
+ generated by mediawiki. This could lead to cross site
+ scripting attacks against mediawiki installations.</p>
+ </body>
+ </description>
+ <references>
+ <bid>17269</bid>
+ <cvename>CVE-2006-1498</cvename>
+ <url>http://mail.wikipedia.org/pipermail/mediawiki-announce/2006-March/000040.html</url>
+ </references>
+ <dates>
+ <discovery>2006-03-27</discovery>
+ <entry>2006-04-05</entry>
+ </dates>
+ </vuln>
+
<vuln vid="b5fc63ad-c4c3-11da-9699-00123ffe8333">
<topic>dia -- XFig Import Plugin Buffer Overflow</topic>
<affects>