Oval Definition:oval:com.ubuntu.precise:def:20152941000
Revision Date:2015-04-13Version:1
Title:CVE-2015-2941 on Ubuntu 12.04 LTS (precise) - medium.
Description:Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error message, related to unsafe calls to wddx_serialize_value.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2015-2941
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND The 'mediawiki' package in precise is affected and needs fixing.
    • BACK