{"id":"CVE-2011-0047","details":"Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka \"CSS injection vulnerability.\"","modified":"2026-04-10T03:41:34.725716Z","published":"2011-02-04T01:00:05Z","references":[{"type":"ADVISORY","url":"http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-February/000095.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43142"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0273"},{"type":"FIX","url":"http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-February/000095.html"},{"type":"REPORT","url":"https://bugzilla.wikimedia.org/show_bug.cgi?id=27093"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058910.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html"},{"type":"WEB","url":"http://osvdb.org/70770"},{"type":"WEB","url":"http://www.securityfocus.com/bid/46108"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65126"}],"schema_version":"1.7.5"}