2.6
CVE-2006-2895
- EPSS 1.38%
- Veröffentlicht 07.06.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:59
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to inject arbitrary HTML and web script via the edit form.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.38% | 0.689 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
http://mail.wikipedia.org/pipermail/mediawiki-announce/2006-June/000048.html
http://secunia.com/advisories/20458
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_7/phase3/RELEASE-NOTES
http://www.vupen.com/english/advisories/2006/2159
https://exchange.xforce.ibmcloud.com/vulnerabilities/27029