CVE-2014-7295
- Source
- https://cve.org/CVERecord?id=CVE-2014-7295
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-7295.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2014-7295
- Downstream
- Related
- Published
- 2014-10-07T14:55:09Z
- Modified
- 2026-02-04T03:08:00.924281Z
- Summary
- [none]
- Details
-
The (1) Special:Preferences and (2) Special:UserLogin pages in MediaWiki before 1.19.20, 1.22.x before 1.22.12 and 1.23.x before 1.23.5 allows remote authenticated users to conduct cross-site scripting (XSS) attacks or have unspecified other impact via crafted CSS, as demonstrated by modifying MediaWiki:Common.css.
- References