FreeBSD : mediawiki -- XSS vulnerability (74b7403c-c4d5-11da-b2fb-000e0c2e438a)

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The mediawiki development team reports that there is an site scripting
vulnerability within mediawiki. The vulnerability is caused by
improper checking of encoded links which could allow the injection of
html in the output generated by mediawiki. This could lead to cross
site scripting attacks against mediawiki installations.

See also :

http://www.nessus.org/u?d72f54f2
http://www.nessus.org/u?194335b9

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21453 (freebsd_pkg_74b7403cc4d511dab2fb000e0c2e438a.nasl)

Bugtraq ID: 17269

CVE ID: CVE-2006-1498

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now