Lucene search
HistoryMay 12, 2014 - 2:55 p.m.
CVE-2013-4574
cve-2013-4574
cross-site scripting
xss
timemediahandler
mediawiki
security vulnerability
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.6%
Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos.
Affected configurations
Node
mediawikimediawikiRange≤1.19.9
ORmediawikimediawikiMatch1.19
ORmediawikimediawikiMatch1.19beta_1
ORmediawikimediawikiMatch1.19beta_2
ORmediawikimediawikiMatch1.19.0
ORmediawikimediawikiMatch1.19.1
ORmediawikimediawikiMatch1.19.2
ORmediawikimediawikiMatch1.19.3
ORmediawikimediawikiMatch1.19.4
ORmediawikimediawikiMatch1.19.5
ORmediawikimediawikiMatch1.19.6
ORmediawikimediawikiMatch1.19.7
ORmediawikimediawikiMatch1.19.8
Node
mediawikimediawikiMatch1.22.0
Node
mediawikimediawikiMatch1.21
ORmediawikimediawikiMatch1.21.1
ORmediawikimediawikiMatch1.21.2
ORmediawikimediawikiMatch1.21.3
Related
nvd
nvd
CVE-2013-4574
2014-05-12 14:55:04
prion
prion
Cross site scripting
2014-05-12 14:55:00
cvelist
cvelist
CVE-2013-4574
2014-05-12 14:00:00
nessus
nessus
MediaWiki < 1.19.10 / 1.21.4 / 1.22.1 Multiple Vulnerabilities
2014-02-06 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.6%
Related for CVE-2013-4574