[Bug 290015] Re: [CVE-2008-4408] XSS attack vulnerability

Launchpad Bug Tracker Thu, 27 Nov 2008 06:02:07 -0800

This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.1

---------------
mediawiki (1:1.11.2-2ubuntu0.1) hardy-security; urgency=low


  * SECURITY UPDATE:
     Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0,
     and possibly other versions before 1.13.2 allows remote attackers
     to inject arbitrary web script or HTML via the useskin parameter
     to an unspecified component. (LP: #290015)
     - debian/patches/CVE-2008-4408.patch: Address XSS vulnerability. Based on
       upstream/Debian patch.
     - CVE-2008-4408
     - http://svn.wikimedia.org/viewvc/mediawiki?view=rev&revision=41540
     - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501115

 -- Iain Lane <[EMAIL PROTECTED]>   Mon, 27 Oct 2008 20:17:44 +0000

-- 
[CVE-2008-4408] XSS attack vulnerability
https://bugs.launchpad.net/bugs/290015
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 290015] Re: [CVE-2008-4408] XSS attack vulnerability

Reply via email to