Nixpkgs security tracker

Untriaged

Permalink CVE-2013-6451

created 2 months ago Activity log

Created suggestion 2 months ago

Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x …

Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values.

References

http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html x_transferredx_refsource_MISC

Affected products

MediaWiki

==1.2x before 1.21.4
==1.19.9 before 1.19.10
==1.22.x before 1.22.1

Matching in nixpkgs

pkgs.mediawiki

Collaborative editing software that runs Wikipedia

nixos-unstable 1.45.1
- nixpkgs-unstable 1.45.1
- nixos-unstable-small 1.45.1
nixos-25.11 1.44.3
- nixos-25.11-small 1.44.3
- nixpkgs-25.11-darwin 1.44.3

Package maintainers

@astro Astro <astro@spaceboyz.net>
@gshipunov Grigory Shipunov <blame@oxapentane.com>
@tanneberger Tassilo Tanneberger <revol-xut@protonmail.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.mediawiki

Package maintainers