Unrated severityNVD Advisory· Published Feb 18, 2022· Updated Aug 5, 2024
CVE-2017-0371
CVE-2017-0371
Description
MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attr(title url);" attack within a DIV element that has an attacker-controlled URL in the title attribute.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.23.16, >=1.24 <1.27.2, >=1.28 <1.28.1
Patches
Vulnerability mechanics
References
2- phabricator.wikimedia.org/T140591mitrex_refsource_MISC
- phabricator.wikimedia.org/T68404mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.