Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scratch-wiki scratch login vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2020-15164
in Scratch Login (MediaWiki extension) before version 1.1, any account can be logged into by using the same username with leading, trailing, or repeated underscore(s), since those are treated as whitespace and trimmed by MediaWiki. This affects all users on any wiki using this ex...
Scratch-wiki Scratch Login
4.8
CVSSv3
CVE-2022-42985
The ScratchLogin extension up to and including 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform cross-site scripting (XSS).
Scratch-wiki Scratch Login
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started