Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-10058
A vulnerability, which was classified as problematic, was found in Wikisource Category Browser. This affects an unknown part of the file index.php. The manipulation of the argument lang leads to cross site scripting. It is possible to initiate the attack remotely. The patch is na...
Mediawiki Wikisource Category Browser
5.5
CVSSv3
CVE-2022-47927
An issue exists in MediaWiki prior to 1.35.9, 1.36.x up to and including 1.38.x prior to 1.38.5, and 1.39.x prior to 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to loc...
Mediawiki Mediawiki
Mediawiki Mediawiki 1.39.0
Fedoraproject Fedora 37
4.3
CVSSv3
CVE-2023-22945
In the GrowthExperiments extension for MediaWiki up to and including 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
Mediawiki Mediawiki
Fedoraproject Fedora 37
5.3
CVSSv3
CVE-2023-22909
An issue exists in MediaWiki prior to 1.35.9, 1.36.x up to and including 1.38.x prior to 1.38.5, and 1.39.x prior to 1.39.1. SpecialMobileHistory allows remote malicious users to cause a denial of service because database queries are slow.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.39.0
Fedoraproject Fedora 37
6.1
CVSSv3
CVE-2023-22911
An issue exists in MediaWiki prior to 1.35.9, 1.36.x up to and including 1.38.x prior to 1.38.5, and 1.39.x prior to 1.39.1. E-Widgets does widget replacement in HTML attributes, which can lead to XSS, because widget authors often do not expect that their widget is executed in an...
Mediawiki Mediawiki
Mediawiki Mediawiki 1.39.0
Fedoraproject Fedora 37
6.1
CVSSv3
CVE-2018-25065
A vulnerability was found in Wikimedia mediawiki-extensions-I18nTags and classified as problematic. This issue affects some unknown processing of the file I18nTags_body.php of the component Unlike Parser. The manipulation leads to cross site scripting. The attack may be initiated...
Wikimedia Mediawiki-extensions-i18ntags
5.3
CVSSv3
CVE-2022-41765
An issue exists in MediaWiki prior to 1.35.8, 1.36.x and 1.37.x prior to 1.37.5, and 1.38.x prior to 1.38.3. HTMLUserTextField exposes the existence of hidden users.
Mediawiki Mediawiki
5.3
CVSSv3
CVE-2022-41767
An issue exists in MediaWiki prior to 1.35.8, 1.36.x and 1.37.x prior to 1.37.5, and 1.38.x prior to 1.38.3. When changes made by an IP address are reassigned to a user (using reassignEdits.php), the changes will still be attributed to the IP address on Special:Contributions when...
Mediawiki Mediawiki
5.3
CVSSv3
CVE-2021-44856
An issue exists in MediaWiki prior to 1.35.5, 1.36.x prior to 1.36.3, and 1.37.x prior to 1.37.1. A title blocked by AbuseFilter can be created via Special:ChangeContentModel due to the mishandling of the EditFilterMergedContent hook return value.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.37.0
5.4
CVSSv3
CVE-2021-44855
An issue exists in MediaWiki prior to 1.35.5, 1.36.x prior to 1.36.3, and 1.37.x prior to 1.37.1. There is Blind Stored XSS via a URL to the Upload Image feature.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.37.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »