Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2012-2698

EPSS 14.45% · P94
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-2698

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MediaWiki "uselang" 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MediaWiki是美国维基媒体(Wikimedia)基金会和MediaWiki志愿者共同开发维护的一套自由免费的基于网络的Wiki引擎,它可用于部署内部的知识管理和内容管理系统。 MediaWiki中存在漏洞,可被恶意攻击者利用进行跨站脚本攻击。 该漏洞源于includes/SkinTemplate.php中的"outputPage()" 函数,通过"uselang"参数到index.php/Main_page中的输入在返回给用户之前未经正确验证。攻击者可利用该漏洞在受影响站点上下文中用户浏览器会话中执
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2012-2698

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2012-2698

登录查看更多情报信息。

Same Patch Batch · n/a · 2012-06-29 · 26 CVEs total

CVE-2012-1120MantisBT SOAP API 安全绕过漏洞
CVE-2012-2016HP System Management Homepage 信息泄露漏洞
CVE-2012-2015HP System Management Homepage 权限提升漏洞
CVE-2012-2014HP System Management Homepage 输入验证漏洞
CVE-2012-2013HP System Management Homepage 拒绝服务漏洞
CVE-2012-2012HP System Management Homepage 多个安全漏洞
CVE-2012-2690libguestfs ‘virt-edit’ 敏感信息泄露漏洞
CVE-2012-2664Red Hat sos数据包安全漏洞
CVE-2012-2385Mosh远程拒绝服务漏洞
CVE-2012-1164OpenLDAP 拒绝服务漏洞
CVE-2012-1123MantisBT 多个安全绕过漏洞
CVE-2012-1122MantisBT 多个安全绕过漏洞
CVE-2012-1121MantisBT 安全漏洞
CVE-2012-2098Apache Commons Compress和Apache Ant 加密问题漏洞
CVE-2012-1119MantisBT 多个安全绕过漏洞
CVE-2012-1118MantisBT 多个安全绕过漏洞
CVE-2012-0813Wicd ‘wicd/configmanager.py’ 本地信息泄露漏洞
CVE-2010-5076Qt 安全绕过漏洞
CVE-2012-3818Revelation 敏感信息漏洞
CVE-2012-3232web@all 跨站脚本漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2012-2698

No comments yet

Leave a comment