Total
355 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-44858 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=edit&undo= followed by action=mcrundo and action=mcrrestore to view private pages on a private wiki that has at least one page set in $wgWhitelistRead. | |||||
CVE-2021-41798 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page. | |||||
CVE-2021-42042 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2. The growthexperiments-edit-config-error-invalid-title MediaWiki message was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript. | |||||
CVE-2021-45471 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items. | |||||
CVE-2021-42040 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop (and php-fpm hang) within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion. | |||||
CVE-2021-45038 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. By using an action=rollback query, attackers can view private wiki contents. | |||||
CVE-2021-44857 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page (that the user doesn't have edit rights for). This applies to any public wiki, or a private wiki that has at least one page set in $wgWhitelistRead. | |||||
CVE-2021-42043 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text (a parameter to mediasearch-did-you-mean) was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the intitle: search operator within the query. | |||||
CVE-2021-46150 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Special:CheckUserLog allows CheckUser XSS because of date mishandling, as demonstrated by an XSS payload in MediaWiki:October. | |||||
CVE-2021-46149 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A denial of service (resource consumption) can be accomplished by searching for a very long key in a Language Name Search. | |||||
CVE-2021-46146 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The WikibaseMediaInfo component is vulnerable to XSS via the caption fields for a given media file. | |||||
CVE-2021-41801 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog) | |||||
CVE-2021-46148 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Some unprivileged users can view confidential information (e.g., IP addresses and User-Agent headers for election traffic) on a testwiki SecurePoll instance. | |||||
CVE-2021-41799 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan. | |||||
CVE-2021-30159 | 3 Debian, Fedoraproject, Mediawiki | 3 Debian Linux, Fedora, Mediawiki | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget() uses FOR UPDATE, but it's only called if Title::getArticleID() returns non-zero with no special flags. Next, MovePage::moveToInternal() will delete the page if getArticleID(READ_LATEST) is non-zero. Therefore, if the page is missing in the replica DB, isValidMove() will return true, and then moveToInternal() will unconditionally delete the page if it can be found in the master. | |||||
CVE-2021-36132 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 6.0 MEDIUM | 8.8 HIGH |
An issue was discovered in the FileImporter extension in MediaWiki through 1.36. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus allowing a user with insufficient rights to perform operations (specifically file uploads) that they should not be allowed to perform. | |||||
CVE-2021-36130 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
An XSS issue was discovered in the SocialProfile extension in MediaWiki through 1.36. Within several gift-related special pages, a privileged user with the awardmanage right could inject arbitrary HTML and JavaScript within various gift-related data fields. The attack could easily propagate across many pages for many users. | |||||
CVE-2021-31550 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. Via crafted configuration variables, a malicious actor could introduce XSS payloads into various layers. | |||||
CVE-2021-30152 | 3 Debian, Fedoraproject, Mediawiki | 3 Debian Linux, Fedora, Mediawiki | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for. | |||||
CVE-2021-36125 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special:GlobalRenameRequest page is vulnerable to infinite loops and denial of service attacks when a user's current username is beyond an arbitrary maximum configuration value (MaxNameChars). |