Test ID:	1.3.6.1.4.1.25623.1.0.113436
Category:	Web application abuses
Title:	MediaWiki >= 1.30.0, <= 1.32.1 XSS Vulnerability - Linux
Summary:	MediaWiki is prone to a cross-site scripting (XSS) vulnerability.
Description:	Summary: MediaWiki is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: Loading user JavaScript from a non-existent account allows anyone to create the account and perform XSS on users loading that script. Vulnerability Impact: Successful exploitation would allow an attacker to inject arbitrary JavaScript and HTML into the site. Affected Software/OS: MediaWiki versions 1.30.0 through 1.30.1, 1.31.0 through 1.31.1 and 1.32.0 through 1.32.1. Solution: Update to version 1.30.2, 1.31.2 or 1.32.2 respectively. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-12471 Bugtraq: 20190612 [SECURITY] [DSA 4460-1] mediawiki security update (Google Search) https://seclists.org/bugtraq/2019/Jun/12 Debian Security Information: DSA-4460 (Google Search) https://www.debian.org/security/2019/dsa-4460 https://phabricator.wikimedia.org/T207603
Copyright	Copyright (C) 2019 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.