CVE-2017-8812 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Insufficient validation |
Description | MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-490 | mediawiki | 1.29.1-1 | 1.29.2-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
15 Nov 2017 | ASA-201711-20 | AVG-490 | mediawiki | High | multiple issues |