VYPR

MediaWiki: All CVEs

381 total · sorted by risk
  • CVE-2021-31553 · Apr 22, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example,…

  • CVE-2021-31555 · Apr 22, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter's length.

  • CVE-2021-30159 · Apr 9, 2021
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget() uses FOR UPDATE, but it's only called if…

  • CVE-2021-30156 · Apr 9, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.

  • CVE-2021-30155 · Apr 9, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page.

  • CVE-2021-30152 · Apr 9, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.

  • CVE-2021-30154 · Apr 6, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On Special:NewFiles, all the mediastatistics-header-* messages are output in HTML unescaped, leading to XSS.

  • CVE-2021-30157 · Apr 6, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-filter-* label messages are output in HTML unescaped, leading to XSS.

  • CVE-2021-30158 · Apr 6, 2021
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Blocked users are unable to use Special:ResetTokens. This has security relevance because a blocked user might have accidentally shared a token, or might know that a token has been…

  • CVE-2020-29004 · Jan 29, 2021
    risk 0.00 · cvss · epss 0.01

    The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack.

  • CVE-2020-29005 · Jan 29, 2021
    risk 0.00 · cvss · epss 0.01

    The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.

  • CVE-2020-35622 · Dec 21, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the GlobalUsage extension for MediaWiki through 1.35.1. SpecialGlobalUsage.php calls WikiMap::makeForeignLink unsafely. The $page variable within the formatItem function was not being properly escaped, allowing for XSS under certain conditions.

  • CVE-2020-35623 · Dec 21, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1. Due to improper username validation, it allowed user impersonation with trivial manipulations of certain characters within a given username. An ordinary user may be able to login as a "bureaucrat…

  • CVE-2020-35624 · Dec 21, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin vote list contains a full vote timestamp, which may provide unintended clues about how a voting process unfolded.

  • CVE-2020-35625 · Dec 21, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the ability to edit pages within the Widgets namespace could call any static function within any class (defined within PHP or MediaWiki) via a crafted HTML comment, related to a Smarty…

  • CVE-2020-35626 · Dec 21, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php.

  • CVE-2020-35479 · Dec 18, 2020
    risk 0.00 · cvss · epss 0.01

    MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is always unsafe for HTML in a month value. This affects MediaWiki 1.12.0 and later.

  • CVE-2020-35477 · Dec 18, 2020
    risk 0.00 · cvss · epss 0.02

    MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the "Change visibility of selected log entries" checkbox (or a tags checkbox)…

  • CVE-2020-35474 · Dec 18, 2020
    risk 0.00 · cvss · epss 0.01

    In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML.

  • CVE-2020-29002 · Nov 24, 2020
    risk 0.00 · cvss · epss 0.01

    includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator.

  • CVE-2020-29003 · Nov 24, 2020
    risk 0.00 · cvss · epss 0.01

    The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.

  • CVE-2020-27957 · Oct 28, 2020
    risk 0.00 · cvss · epss 0.01

    The RandomGameUnit extension for MediaWiki through 1.35 was not properly escaping various title-related data. When certain varieties of games were created within MediaWiki, their names or titles could be manipulated to generate stored XSS within the RandomGameUnit extension.

  • CVE-2020-27621 · Oct 22, 2020
    risk 0.00 · cvss · epss 0.01

    The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Instead, for various actions, it would report the IP address of an internal Wikimedia Foundation server by omitting X-Forwarded-For data.…

  • CVE-2020-26121 · Sep 27, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction…

  • CVE-2020-26120 · Sep 27, 2020
    risk 0.00 · cvss · epss 0.01

    XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image…

  • CVE-2019-16529 · Mar 19, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model.

  • CVE-2019-15124 · Mar 19, 2020
    risk 0.00 · cvss · epss 0.01

    In the MobileFrontend extension for MediaWiki, XSS exists within the edit summary field of the watchlist feed. This affects REL1_31, REL1_32, and REL1_33.

  • CVE-2020-10534 · Mar 12, 2020
    risk 0.00 · cvss · epss 0.01

    In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is…

  • CVE-2012-4381 · Feb 8, 2020
    risk 0.00 · cvss · epss 0.04

    MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict…

  • CVE-2013-6451 · Jan 28, 2020
    risk 0.00 · cvss · epss 0.01

    Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values.

  • CVE-2014-9481 · Jan 27, 2020
    risk 0.00 · cvss · epss 0.01

    The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML.

  • CVE-2020-6163 · Jan 8, 2020
    risk 0.00 · cvss · epss 0.01

    The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template (in the templates/search/PropertySuggestionsWidget.mustache+dom file).

  • CVE-2019-19910 · Dec 19, 2019
    risk 0.00 · cvss · epss 0.01

    The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 and/or 1.34) mishandles certain HTML attributes, as demonstrated by IMG onmouseover= (impact is XSS) and IMG src=http (impact is disclosing the client's IP address). This can occur within a talk page topical…

  • CVE-2013-4303 · Dec 11, 2019
    risk 0.00 · cvss · epss 0.02

    includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of "." (period) characters in a string, which allows remote attackers to…

  • CVE-2019-19708 · Dec 11, 2019
    risk 0.00 · cvss · epss 0.01

    The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute.

  • CVE-2013-1817 · Nov 20, 2019
    risk 0.00 · cvss · epss 0.03

    MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.

  • CVE-2013-1816 · Nov 20, 2019
    risk 0.00 · cvss · epss 0.03

    MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.

  • CVE-2013-1951 · Oct 31, 2019
    risk 0.00 · cvss · epss 0.02

    A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 allows remote attackers to inject arbitrary web script or HTML via Lua function names.

  • CVE-2019-18611 · Oct 29, 2019
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit summaries made available via the MediaWiki API was potentially visible to users with various levels of access to this extension. Said users should…

  • CVE-2012-0046 · Oct 29, 2019
    risk 0.00 · cvss · epss 0.01

    MediaWiki allows deleted text to be exposed.

  • CVE-2019-14807 · Aug 9, 2019
    risk 0.00 · cvss · epss 0.01

    In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php.

  • CVE-2015-8005 · Nov 9, 2015
    risk 0.00 · cvss · epss 0.01

    MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file.

  • CVE-2015-8004 · Nov 9, 2015
    risk 0.00 · cvss · epss 0.02

    MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns…

  • CVE-2015-8003 · Nov 9, 2015
    risk 0.00 · cvss · epss 0.02

    MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.

  • CVE-2015-8002 · Nov 9, 2015
    risk 0.00 · cvss · epss 0.02

    The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a file upload using one byte chunks.

  • CVE-2015-8001 · Nov 9, 2015
    risk 0.00 · cvss · epss 0.02

    The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file…

  • CVE-2015-6737 · Sep 1, 2015
    risk 0.00 · cvss · epss 0.02

    Cross-site scripting (XSS) vulnerability in the Widgets extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors involving base64 encoded content.

  • CVE-2015-6736 · Sep 1, 2015
    risk 0.00 · cvss · epss 0.03

    The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex metacharacters in a regular expression.

  • CVE-2015-6735 · Sep 1, 2015
    risk 0.00 · cvss · epss 0.03

    The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new transcode, which allows remote attackers to cause a denial of service (transcode deletion) by resetting a transcode.

  • CVE-2015-6734 · Sep 1, 2015
    risk 0.00 · cvss · epss 0.02

    Cross-site scripting (XSS) vulnerability in contrib/cssgen.php in GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to inject arbitrary web script or HTML via…

Page 5 of 8