CVE-2005-3165
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via (1) <math> tags or (2) Extension or <nowiki> sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet Explorer clients.
| Software | From | Fixed in |
|---|---|---|
| mediawiki / mediawiki | 1.4.1 | 1.4.1.x |
| mediawiki / mediawiki | 1.4.8 | 1.4.8.x |
| mediawiki / mediawiki | 1.4.3 | 1.4.3.x |
| mediawiki / mediawiki | 1.4.2 | 1.4.2.x |
| mediawiki / mediawiki | 1.4_beta6 | 1.4_beta6.x |
| mediawiki / mediawiki | 1.4_beta3 | 1.4_beta3.x |
| mediawiki / mediawiki | 1.4_beta4 | 1.4_beta4.x |
| mediawiki / mediawiki | 1.4.5 | 1.4.5.x |
| mediawiki / mediawiki | 1.4_beta1 | 1.4_beta1.x |
| mediawiki / mediawiki | 1.4.6 | 1.4.6.x |
| mediawiki / mediawiki | 1.4_beta2 | 1.4_beta2.x |
| mediawiki / mediawiki | 1.4_beta5 | 1.4_beta5.x |
| mediawiki / mediawiki | 1.4.7 | 1.4.7.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime