Author: naconk
Description:
(copied from email)
Hi All,
Second MediaWiki 1.6.5 JavaScript Execution Vulnerability in the Parser.
Unlike the previous one, this one affects the live Wikipedia too (i.e.
tidy does not prevent it).
Vuln is here: http://nickj.org/MediaWiki/Parser25
And also on the wikipedia here:
http://en.wikipedia.org/wiki/User:Nickj/JS-vuln-2
And the full list of Parser problems is here: http://nickj.org/MediaWiki
(Anything with yellow or red in the "Security aspects?" column is a
potential or actual JS execution problem, respectively; everything
else is an HTML validation problem).
All the best,
Nick.
Version: unspecified
Severity: critical
OS: Windows XP
URL: http://en.wikipedia.org/wiki/User:Nickj/JS-vuln-2
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4