Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wikimedia vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-12473
Wikimedia MediaWiki 1.27.0 up to and including 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
Debian Debian Linux 9.0
445
VMScore
CVE-2019-12474
Wikimedia MediaWiki 1.23.0 up to and including 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
Debian Debian Linux 9.0
383
VMScore
CVE-2019-12471
Wikimedia MediaWiki 1.30.0 up to and including 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
Debian Debian Linux 9.0
445
VMScore
CVE-2019-12472
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 up to and including 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2