Lucene search

CVE-2013-4568

🗓️ 13 Dec 2013 18:54:07Reported by redhatType

Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain non-ASCII characters in CSS

Reporter	Title	Published	Views	Family All 35
Prion	Cross site scripting	13 Dec 201318:07	–	prion
NVD	CVE-2013-4568	13 Dec 201318:07	–	nvd
UbuntuCve	CVE-2013-4568	13 Dec 201300:00	–	ubuntucve
Cvelist	CVE-2013-4568	13 Dec 201318:00	–	cvelist
Debian CVE	CVE-2013-4568	13 Dec 201318:07	–	debiancve
Mageia	Updated mediawiki packages fix security vulnerabilities	13 Dec 201302:21	–	mageia
Mageia	Updated mediawiki packages fix security vulnerabilities	3 Mar 201400:53	–	mageia
securityvulns	[ MDVSA-2013:290 ] mediawiki	9 Jan 201400:00	–	securityvulns
securityvulns	[ MDVSA-2014:057 ] mediawiki	5 May 201400:00	–	securityvulns
securityvulns	Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	9 Jan 201400:00	–	securityvulns

Nvd

Node

mediawiki mediawikiMatch1.20

mediawiki mediawikiMatch1.20.1

mediawiki mediawikiMatch1.20.2

mediawiki mediawikiMatch1.20.3

mediawiki mediawikiMatch1.20.4

mediawiki mediawikiMatch1.20.5

mediawiki mediawikiMatch1.20.6

mediawiki mediawikiMatch1.20.7

Node

mediawiki mediawikiMatch1.21

mediawiki mediawikiMatch1.21.1

mediawiki mediawikiMatch1.21.2

Node

mediawiki mediawikiRange≤1.19.8

mediawiki mediawikiMatch1.19

mediawiki mediawikiMatch1.19beta_1

mediawiki mediawikiMatch1.19beta_2

mediawiki mediawikiMatch1.19.0

mediawiki mediawikiMatch1.19.1

mediawiki mediawikiMatch1.19.2

mediawiki mediawikiMatch1.19.3

mediawiki mediawikiMatch1.19.4

mediawiki mediawikiMatch1.19.5

mediawiki mediawikiMatch1.19.6

mediawiki mediawikiMatch1.19.7

Source	Link
securityfocus	www.securityfocus.com/bid/63761
lists	www.lists.wikimedia.org/pipermail/mediawiki-announce/2013-November/000135.html
debian	www.debian.org/security/2014/dsa-2891
bugzilla	www.bugzilla.wikimedia.org/attachment.cgi
lists	www.lists.fedoraproject.org/pipermail/package-announce/2013-December/122998.html
bugzilla	www.bugzilla.wikimedia.org/show_bug.cgi
secunia	www.secunia.com/advisories/57472
lists	www.lists.fedoraproject.org/pipermail/package-announce/2013-December/123011.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Dec 2013 18:07Current

6.1Medium risk

Vulners AI Score6.1

CVSS24.3

EPSS0.00414