CVE-2013-6452

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2013-6452

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-6452.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2013-6452

Downstream

DSA-2891-1

UBUNTU-CVE-2013-6452

Related

MGASA-2014-0113

Published

2014-05-12T14:55:06Z

Modified

2025-08-09T19:01:28Z

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via crafted XSL in an SVG file.

References

http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html

Affected packages