MSA-08-0022: XSS through Wiki page titles

MSA-08-0022: XSS through Wiki page titles

by Petr Skoda -
Number of replies: 0
Topic: Cross Site Scripting (XSS) possible through Wiki page titles
Severity: High
Versions affected: < 1.6.8, < 1.7.6, < 1.8.7, < 1.9.3
Reported by: Mike Churchward
Issue no.: MDL-15896
Solution: update to latest releases

Description:

Wiki page names were not sanitised on output, allowing for potential cross site scripting (XSS) issues.