cvelist/2015/6xxx/CVE-2015-6729.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2015-6729",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the rel404 parameter, which is not properly handled in an error page."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10",
            "refsource" : "MLIST",
            "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html"
         },
         {
            "name" : "[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2015/08/12/6"
         },
         {
            "name" : "[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2015/08/27/6"
         },
         {
            "name" : "FEDORA-2015-13920",
            "refsource" : "FEDORA",
            "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html"
         },
         {
            "name" : "GLSA-201510-05",
            "refsource" : "GENTOO",
            "url" : "https://security.gentoo.org/glsa/201510-05"
         },
         {
            "name" : "76334",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/76334"
         }
      ]
   }
}