CVE-2010-1189
mediawiki - several vulnerabilities
EPSS 0.38%
Description
MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."
How to fix CVE-2010-1189
To remediate CVE-2010-1189, upgrade the affected package to a fixed version below.
- Debian/mediawiki—upgrade to 1:1.15.2-1 or later
- Debian/mediawiki—upgrade to 1:1.12.0-2lenny4 or later
Is CVE-2010-1189 being exploited?
Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1:1.15.2-1
- from 0, < 1:1.12.0-2lenny4