Package(s):	mediawiki	CVE #(s):	CVE-2006-1498
Created:	April 4, 2006	Updated:	April 4, 2006
Description:	MediaWiki fails to decode certain encoded URLs correctly. By supplying specially crafted links, a remote attacker could exploit this vulnerability to inject malicious HTML or JavaScript code that will be executed in a user's browser session in the context of the vulnerable site.
Alerts:	Gentoo 200604-01 mediawiki 2006-04-04

---

to post comments