Summary: Cross Site Scripting Vulnerability
           Product: MediaWiki extensions
           Version: any
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: Normal
         Component: Semantic MediaWiki

If you enter:

<script>alert("CSS Vulnerability");</script>

into the query window and click on the 'Find results' button, it will pop up an
alert window the the 'CSS Vulnerability' message.

This works on all versions of Media wiki and the semantic extensions I have
Works in both Firefox and IE.

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Wikibugs-l mailing list

Reply via email to