CVE-2005-3167
Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not properly remove certain CSS inputs (HTML inline style attributes) that are processed as active content by Internet Explorer, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
| Software | From | Fixed in |
|---|---|---|
| mediawiki / mediawiki | 1.4.1 | 1.4.1.x |
| mediawiki / mediawiki | 1.4.8 | 1.4.8.x |
| mediawiki / mediawiki | 1.4.9 | 1.4.9.x |
| mediawiki / mediawiki | 1.4.3 | 1.4.3.x |
| mediawiki / mediawiki | 1.4.2 | 1.4.2.x |
| mediawiki / mediawiki | 1.4_beta6 | 1.4_beta6.x |
| mediawiki / mediawiki | 1.4_beta3 | 1.4_beta3.x |
| mediawiki / mediawiki | 1.4_beta4 | 1.4_beta4.x |
| mediawiki / mediawiki | 1.4.5 | 1.4.5.x |
| mediawiki / mediawiki | 1.4_beta1 | 1.4_beta1.x |
| mediawiki / mediawiki | 1.4.6 | 1.4.6.x |
| mediawiki / mediawiki | 1.4.10 | 1.4.10.x |
| mediawiki / mediawiki | 1.4_beta2 | 1.4_beta2.x |
| mediawiki / mediawiki | 1.4_beta5 | 1.4_beta5.x |
| mediawiki / mediawiki | 1.4.7 | 1.4.7.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime