Description
Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin BP Portfolio Cross-Site Scripting (1.0.2)
PHP Other Vulnerability (CVE-2006-4484)
WordPress Plugin Subscribe To Comments Reloaded Cross-Site Scripting (150611)
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2021-33322)
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10081)