Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wikimedia vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-12473
Wikimedia MediaWiki 1.27.0 up to and including 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
Debian Debian Linux 9.0
445
VMScore
CVE-2019-12474
Wikimedia MediaWiki 1.23.0 up to and including 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
Debian Debian Linux 9.0
383
VMScore
CVE-2019-12471
Wikimedia MediaWiki 1.30.0 up to and including 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
Debian Debian Linux 9.0
445
VMScore
CVE-2019-12472
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 up to and including 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Mediawiki Mediawiki
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2