Search for vulnerabilities
Vulnerability ID | VCID-zn36-7w39-aaan |
Aliases |
CVE-2011-0047
|
Summary | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability." |
Status | Published |
Exploitability | 0.5 |
Weighted Severity | 6.2 |
Risk | 3.1 |
Affected and Fixed Packages | Package Details |
Exploitability (E) | Access Vector (AV) | Access Complexity (AC) | Authentication (Au) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|
high functional unproven proof_of_concept not_defined |
local adjacent_network network |
high medium low |
multiple single none |
none partial complete |
none partial complete |
none partial complete |
Percentile | 0.72770 |
EPSS Score | 0.00361 |
Published At | Nov. 1, 2024, midnight |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
There are no relevant records. |