Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-45360
An issue exists in MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers.
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
NA
CVE-2023-45361
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure For the oldstable distribution (bullseye), these problems have been fixed in version 1:1.35.13-1...
NA
CVE-2023-45359
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure For the oldstable distribution (bullseye), these problems have been fixed in version 1:1.35.13-1...
5.3
CVSSv3
CVE-2023-45370
An issue exists in the SportsTeams extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right...
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
4.3
CVSSv3
CVE-2023-45369
An issue exists in the PageTriage extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. Usernames of hidden users are exposed.
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
7.5
CVSSv3
CVE-2023-45371
An issue exists in the Wikibase extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. There is no rate limit for merging items.
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
5.3
CVSSv3
CVE-2023-45372
An issue exists in the Wikibase extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running (e.g., AbuseFilter).
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
5.3
CVSSv3
CVE-2023-45374
An issue exists in the SportsTeams extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams.
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
6.1
CVSSv3
CVE-2023-45373
An issue exists in the ProofreadPage extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. XSS can occur via formatNumNoSeparators.
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
5.3
CVSSv3
CVE-2023-45364
An issue exists in includes/page/Article.php in MediaWiki 1.36.x up to and including 1.39.x prior to 1.39.5 and 1.40.x prior to 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given pag...
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »