Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2005-3165

Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via (1) <math> tags or (2) Extension or <nowiki> sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet Explorer clients.

  • Published: Oct 6, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-3165
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
mediawiki / mediawiki 1.4.1 1.4.1.x
mediawiki / mediawiki 1.4.8 1.4.8.x
mediawiki / mediawiki 1.4.3 1.4.3.x
mediawiki / mediawiki 1.4.2 1.4.2.x
mediawiki / mediawiki 1.4_beta6 1.4_beta6.x
mediawiki / mediawiki 1.4_beta3 1.4_beta3.x
mediawiki / mediawiki 1.4_beta4 1.4_beta4.x
mediawiki / mediawiki 1.4.5 1.4.5.x
mediawiki / mediawiki 1.4_beta1 1.4_beta1.x
mediawiki / mediawiki 1.4.6 1.4.6.x
mediawiki / mediawiki 1.4_beta2 1.4_beta2.x
mediawiki / mediawiki 1.4_beta5 1.4_beta5.x
mediawiki / mediawiki 1.4.7 1.4.7.x