Author: reed
Description:
There's an XSS issue on Semantic MediaWiki's Special:CreateForm page in the 'form_name' parameter.
Example XSS value: ""><script>alert("3")</script>
Video example: http://youtu.be/c1QkVOUEjMQ
Screenshot: http://i1256.photobucket.com/albums/ii488/testfortest/123/ww.png?t=1338819700
This issue was reported to Mozilla by Sony <insecurity.ro@gmail.com>.
Mozilla is tracking this as https://bugzilla.mozilla.org/show_bug.cgi?id=761114.
Version: unspecified
Severity: normal
See Also:
https://bugzilla.mozilla.org/show_bug.cgi?id=761114