Oval Definition:	oval:com.ubuntu.cosmic:def:20152941000
Revision Date: 2015-04-13 Version: 1 Title: CVE-2015-2941 on Ubuntu 18.10 (cosmic) - medium. Description: Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error message, related to unsafe calls to wddx_serialize_value. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-2941 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND NOT While related to the CVE in some way, the 'mediawiki' package in cosmic is not affected (note: '1:1.27.4-3').
BACK