Create a new article
Write your page title here:
We currently have 3,189 articles on s23. Type your article name above or create one of the articles listed here!


    Why you should upgrade Mediawiki

    Revision as of 18:39, 24 October 2006 by imported>mutante
    (diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

    Reasons for upgrading your Mediawiki regularly.

    Affects: Versions < 1.5.2

    What can happen: "An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks."

    Affects: Versions < 1.4beta6

    What can happen: "an attacker could craft a URL which, when visited by a particular logged-in user, would execute arbitrary JavaScript code on the user's browser in the wiki's site context."

    Affects: Versions < 1.6.6

    What can happen: "An XSS injection vector in brace replacement has been fixed, as have some potential problems with table parsing. Upgrading is strongly recommended "

    Affects: Versions < 1.5

    What can happen: "a number of bug fixes and a security fix for CSS bugs in Microsoft Internet Explorer as well as a security hole caused by broken validation of the user language option."

    Affects: SUSE Linux 9.3 and 10.0. with mediawiki package

    What can happen: "Unsafe handling of CSS by Microsoft Internet Explorer could be exploited to produce cross-site scripting attacks via Javascript injection to clients running that browser"

    Affects: Versions < 1.5.4

    What can happen: "uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer."

    Affects: Versions < 1.6.8

    What can happen: "A potential HTML/JavaScript-injection vulnerability in a debugging script has been fixed. Only versions and configurations of PHP vulnerable to the $GLOBALS overwrite vulnerability are affected."

    Template loop detected: Template:Stub

    Cookies help us deliver our services. By using our services, you agree to our use of cookies.
    Cookies help us deliver our services. By using our services, you agree to our use of cookies.