Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki 1.19.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-4378
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki prior to 1.18.5 and 1.19.x prior to 1.19.2, when unspecified JavaScript gadgets are used, allow remote malicious users to inject arbitrary web script or HTML via the userlang parameter to w/index.php.
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki
4.3
CVSSv2
CVE-2012-4379
MediaWiki prior to 1.18.5, and 1.19.x prior to 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote malicious users to conduct clickjacking attacks via an embedded API response in an IFRAME element.
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki
4.3
CVSSv2
CVE-2014-7199
Cross-site scripting (XSS) vulnerability in MediaWiki prior to 1.19.19, 1.22.x prior to 1.22.11, and 1.23.x prior to 1.23.4 allows remote malicious users to inject arbitrary web script or HTML via a crafted SVG file.
Mediawiki Mediawiki 1.23.0
Mediawiki Mediawiki 1.22.8
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.22.10
Mediawiki Mediawiki 1.22.6
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.15
Mediawiki Mediawiki 1.22.5
Mediawiki Mediawiki 1.23.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.22.9
Mediawiki Mediawiki 1.23.1
Mediawiki Mediawiki 1.19.10
Mediawiki Mediawiki 1.22.7
Mediawiki Mediawiki 1.19.9
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.16
Mediawiki Mediawiki 1.19.18
Mediawiki Mediawiki 1.22.3
Mediawiki Mediawiki 1.19.11
4.3
CVSSv2
CVE-2014-5243
MediaWiki prior to 1.19.18, 1.20.x up to and including 1.22.x prior to 1.22.9, and 1.23.x prior to 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site...
Mediawiki Mediawiki 1.23.0
Mediawiki Mediawiki 1.22.8
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.22.6
Mediawiki Mediawiki 1.21.8
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.15
Mediawiki Mediawiki 1.22.5
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.23.1
Mediawiki Mediawiki 1.21.5
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.19.10
Mediawiki Mediawiki 1.21.6
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.22.7
Mediawiki Mediawiki 1.21.10
4.3
CVSSv2
CVE-2013-6452
Cross-site scripting (XSS) vulnerability in MediaWiki prior to 1.19.10, 1.2x prior to 1.21.4, and 1.22.x prior to 1.22.1 allows remote malicious users to inject arbitrary web script or HTML via crafted XSL in an SVG file.
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.3
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.2
4.3
CVSSv2
CVE-2013-6454
Cross-site scripting (XSS) vulnerability in MediaWiki prior to 1.19.10, 1.2x prior to 1.21.4, and 1.22.x prior to 1.22.1 allows remote malicious users to inject arbitrary web script or HTML via a -o-link attribute.
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.3
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.2
4.3
CVSSv2
CVE-2013-4574
Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki prior to 1.19.10, 1.2x prior to 1.21.4, and 1.22.x prior to 1.22.1 allows remote malicious users to inject arbitrary web script or HTML via vectors related to videos.
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.3
4.3
CVSSv2
CVE-2014-2853
Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki prior to 1.21.9 and 1.22.x prior to 1.22.6 allows remote malicious users to inject arbitrary web script or HTML via the sort key in an info action.
Mediawiki Mediawiki 1.3.13
Mediawiki Mediawiki 1.5.6
Mediawiki Mediawiki 1.4
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.7.3
Mediawiki Mediawiki 1.6.3
Mediawiki Mediawiki 1.8.2
Mediawiki Mediawiki 1.5.1
Mediawiki Mediawiki 1.5.8
Mediawiki Mediawiki 1.4.11
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.2.4
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.3.12
Mediawiki Mediawiki 1.4.1
Mediawiki Mediawiki 1.4.8
Mediawiki Mediawiki 1.17.1
Mediawiki Mediawiki 1.5.3
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.14.0
4.3
CVSSv2
CVE-2014-2242
includes/upload/UploadBase.php in MediaWiki prior to 1.19.12, 1.20.x and 1.21.x prior to 1.21.6, and 1.22.x prior to 1.22.3 does not prevent use of invalid namespaces in SVG files, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via an SVG upload...
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.17.1
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.11.0
Mediawiki Mediawiki 1.17
Mediawiki Mediawiki
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.18
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.12.3
Mediawiki Mediawiki 1.15.3
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.21.5
4.3
CVSSv2
CVE-2014-2244
Cross-site scripting (XSS) vulnerability in the formatHTML function in includes/api/ApiFormatBase.php in MediaWiki prior to 1.19.12, 1.20.x and 1.21.x prior to 1.21.6, and 1.22.x prior to 1.22.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted st...
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.17.1
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.11.0
Mediawiki Mediawiki 1.17
Mediawiki Mediawiki
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.18
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.12.3
Mediawiki Mediawiki 1.15.3
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.21.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »