VYPR

SyntaxHighlight_GeSHi

by MediaWiki

CVEs (3)

  • CVE-2017-0372CriApr 13, 2018
    risk 0.68cvss 9.8epss 0.12

    Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.

  • CVE-2015-6733Sep 1, 2015
    risk 0.00cvss epss 0.03

    GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.

  • CVE-2013-4305Oct 11, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in contrib/example.php in the SyntaxHighlight GeSHi extension for MediaWiki, possibly as downloaded before September 2013, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.