Strix
26.1K

CVE-2005-4501

UnknownEPSS 1.44%

Last modified

CVE-2005-4501 is a vulnerability of currently unknown severity. MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.. EPSS estimates a 1.44% chance of exploitation in the next 30 days.

Description

MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.

Metrics

EPSS Probability
1.44%

69.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
MediawikiMediawiki<= 1.5.3
MediawikiMediawiki1.1.0
MediawikiMediawiki1.2.0
MediawikiMediawiki1.2.1
MediawikiMediawiki1.2.2
MediawikiMediawiki1.2.3
MediawikiMediawiki1.2.4
MediawikiMediawiki1.2.5
MediawikiMediawiki1.2.6
MediawikiMediawiki1.3
MediawikiMediawiki1.3.0
MediawikiMediawiki1.3.1
MediawikiMediawiki1.3.2
MediawikiMediawiki1.3.3
MediawikiMediawiki1.3.4
MediawikiMediawiki1.3.5
MediawikiMediawiki1.3.6
MediawikiMediawiki1.3.7
MediawikiMediawiki1.3.8
MediawikiMediawiki1.3.9
MediawikiMediawiki1.3.10
MediawikiMediawiki1.3.11
MediawikiMediawiki1.3.12
MediawikiMediawiki1.3.13
MediawikiMediawiki1.3.14
MediawikiMediawiki1.3.15
MediawikiMediawiki1.4.1
MediawikiMediawiki1.4.2
MediawikiMediawiki1.4.3
MediawikiMediawiki1.4.5
MediawikiMediawiki1.4.6
MediawikiMediawiki1.4.7
MediawikiMediawiki1.4.8
MediawikiMediawiki1.4.9
MediawikiMediawiki1.4.10
MediawikiMediawiki1.4_beta1
MediawikiMediawiki1.4_beta2
MediawikiMediawiki1.4_beta3
MediawikiMediawiki1.4_beta4
MediawikiMediawiki1.4_beta5
MediawikiMediawiki1.4_beta6
MediawikiMediawiki1.5_alpha1
MediawikiMediawiki1.5_alpha2
MediawikiMediawiki1.5_beta1
MediawikiMediawiki1.5_beta2

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2005-4501?
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.
How severe is CVE-2005-4501?
Severity scoring for CVE-2005-4501 is pending analysis. The EPSS model estimates a 1.44% probability of exploitation in the next 30 days.
How do I fix CVE-2005-4501?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-4501?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST