CVE-2013-4574
Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0032 (0.3%)
Percentile: 54.8%
EPSS: 2026-05-06
Affects
mediawiki:mediawikiTechnical description
Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos.
Published: 5/12/2014, 2:55:04 PM
Last modified: 5/6/2026, 10:30:45 PM