VWE-2009-0047
Return to current revision
Current Revision
February 16, 2017, 10:11 AM
General Differences
made the following changes
- removed the title prefix 'XSS'
- changed the title from 'Redirect Injection Vulnerability' to 'VWE-2009-0047'
Differences in Content
-
[template]Vulnerability
| cve=
| aka=Redirect Injection Vulnerability -
+| severity=High
-
| difficulty=Easy
| description=HTML/Javascript injection.
| discover-date=May 2009
| patch-date=May 10, 2009
| patches=2.3.0
| workaround=Update permissions so that untrusted users cannot edit wiki pages. Alternatively, delete all redirects from the wiki and disable the REDIRECT BB-Code.
[/template]