Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2008-5249

Published: 19/12/2008 Updated: 14/10/2009
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Mediawiki

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 up to and including 1.13.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

mediawiki mediawiki 1.13.2

mediawiki mediawiki 1.13.1

mediawiki mediawiki 1.13.0

Vendor Advisories

Debian Security Advisories: DSA-1901-1 mediawiki1.7 -- several vulnerabilities
Several vulnerabilities have been discovered in mediawiki17, a website engine for collaborative work The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-5249 David Remahl discovered that mediawiki17 is prone to a cross-site scripting attack CVE-2008-5250 David Remahl discovered that mediawiki17, when I ...
Debian CVElist Bug Report Logs: CVE-2008-5249: XSS vulnerability in MediaWiki
Debian Bug report logs - #508868 CVE-2008-5249: XSS vulnerability in MediaWiki Package: mediawiki; Maintainer for mediawiki is Kunal Mehta <legoktm@debianorg>; Source for mediawiki is src:mediawiki (PTS, buildd, popcon) Reported by: Raphael Geissert <atomo64@gmailcom> Date: Tue, 16 Dec 2008 04:48:01 UTC Severity: ...
Debian CVElist Bug Report Logs: CVE-2008-5250: several local script injection vulnerabilities in MediaWiki
Debian Bug report logs - #508869 CVE-2008-5250: several local script injection vulnerabilities in MediaWiki Package: mediawiki; Maintainer for mediawiki is Kunal Mehta <legoktm@debianorg>; Source for mediawiki is src:mediawiki (PTS, buildd, popcon) Reported by: Raphael Geissert <atomo64@gmailcom> Date: Tue, 16 Dec ...
Debian CVElist Bug Report Logs: CVE-2008-5252: CSRF vulnerability affecting the Special:Import feature in MediaWiki
Debian Bug report logs - #508870 CVE-2008-5252: CSRF vulnerability affecting the Special:Import feature in MediaWiki Package: mediawiki; Maintainer for mediawiki is Kunal Mehta <legoktm@debianorg>; Source for mediawiki is src:mediawiki (PTS, buildd, popcon) Reported by: Raphael Geissert <atomo64@gmailcom> Date: Tue ...

Github Repositories

https://github.com/Ksaivinay0708/OWASP

OWASP-Top-10-practice This repository used for save results of learning Web Application Security on practice It contains files by categories OWASP TOP10 2013 At the beginning those files were with vulnerable code After some tests, vulnerabilities were patched If you want, you may use this files to your experiments It is very easy to make files vulnerable again Links, that

References

CWE-79http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.htmlhttp://secunia.com/advisories/33133http://www.securityfocus.com/bid/32844https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01309.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-December/msg01256.htmlhttp://secunia.com/advisories/33349http://www.debian.org/security/2009/dsa-1901https://nvd.nist.govhttps://www.debian.org/security/./dsa-1901
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook