Launchpad.net

CVE 2005-1888

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates.

See the CVE page on Mitre.org for more details.

References