Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-44854
An issue exists in MediaWiki prior to 1.35.5, 1.36.x prior to 1.36.3, and 1.37.x prior to 1.37.1. The REST API publicly caches results from private wikis.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.37.0
NA
CVE-2021-44855
An issue exists in MediaWiki prior to 1.35.5, 1.36.x prior to 1.36.3, and 1.37.x prior to 1.37.1. There is Blind Stored XSS via a URL to the Upload Image feature.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.37.0
NA
CVE-2022-4561
A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site ...
Mediawiki Semantic Drilldown
NA
CVE-2022-23473
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions before 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edi...
Enalean Tuleap
NA
CVE-2022-42985
The ScratchLogin extension up to and including 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform cross-site scripting (XSS).
Scratch-wiki Scratch Login
NA
CVE-2021-42045
An issue exists in SecurePoll in the Growth extension in MediaWiki up to and including 1.36.2. Simple polls allow users to create alerts by changing their User-Agent HTTP header and submitting a vote.
Mediawiki Mediawiki
NA
CVE-2021-42046
An issue exists in the GlobalWatchlist extension in MediaWiki up to and including 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript.
Mediawiki Mediawiki
NA
CVE-2021-42047
An issue exists in the Growth extension in MediaWiki up to and including 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can login with a mentor account and trigger an XSS payload (such as alert) via Growthexperiments-mentor-dashboard-mentee-overview-no-js-fa...
Mediawiki Mediawiki
NA
CVE-2021-42048
An issue exists in the Growth extension in MediaWiki up to and including 1.36.2. Any admin can add arbitrary JavaScript code to the Newcomer home page footer, which can be executed by viewers with zero edits.
Mediawiki Mediawiki
NA
CVE-2021-42049
An issue exists in the Translate extension in MediaWiki up to and including 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions.
Mediawiki Mediawiki
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »