NVD

Id
85177  
Name
CVE-2016-6334  
Description
Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-04-27  
Published
2017-04-20  
Modified Date
2017-04-24  
Seq
2016-6334  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
415164 85177 CVE-2014-9836 [oss-security] 20141224 Imagemagick fuzzing bug  View
415165 85177 CVE-2014-9836 [oss-security] 20160602 Re: ImageMagick CVEs  View
415166 85177 CVE-2014-9836 [oss-security] 20141224 Imagemagick fuzzing bug  View
415167 85177 CVE-2014-9836 [oss-security] 20160602 Re: ImageMagick CVEs  View
418151 85177 CVE-2017-3514 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html  View
418152 85177 CVE-2017-3514 97729  View
418153 85177 CVE-2017-3514 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html  View
418154 85177 CVE-2017-3514 97729  View

Related JVN