oss-sec mailing list archives
Re: CVE Request -- MediaWiki - v1.15.2
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 30 Mar 2010 15:56:03 -0400 (EDT)
On Tue, 9 Mar 2010, Jan Lieskovsky wrote:
a, a CSS validation issue was discovered which allows editors to display external images in wiki pages.
Use CVE-2010-1189
b, a data leakage vulnerability was discovered in thumb.php which affects wikis which restrict access to private files using img_auth.php, or some similar scheme.
Use CVE-2010-1190 - Steve
Current thread:
- CVE Request -- MediaWiki - v1.15.2 Jan Lieskovsky (Mar 09)
- Re: CVE Request -- MediaWiki - v1.15.2 Nico Golde (Mar 16)
- Re: CVE Request -- MediaWiki - v1.15.2 Henri Salo (Mar 23)
- Re: CVE Request -- MediaWiki - v1.15.2 Steven M. Christey (Mar 30)