Published: 31/03/2023 Updated: 07/11/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

An issue exists in MediaWiki prior to 1.35.10, 1.36.x up to and including 1.38.x prior to 1.38.6, and 1.39.x prior to 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mediawiki mediawiki
fedoraproject fedora 37

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, a bypass of vandalism protections or information disclosure For the oldstable distribution (bullseye), these problems have been fixed in version 1:13511-1~deb11u1 For the stable distribution (bookworm), the ...

Description This CVE is under investigation by Red Hat Product Security ...

NVD-CWE-noinfo https://phabricator.wikimedia.org/T285159 https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39 https://www.debian.org/security/2023/dsa-5447 https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5447

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-29141

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect