Lucene search
RedhatCVELIST:CVE-2013-4303HistoryDec 11, 2019 - 6:30 p.m.
CVE-2013-4303
2019-12-1118:30:37
redhat
www.cve.org
includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of “.” (period) characters in a string, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the siprop parameter in a query action to wiki/api.php.
CNA Affected
[
{
"product": "MediaWiki",
"vendor": "Wikimedia Foundation",
"versions": [
{
"status": "affected",
"version": "1.19.x before 1.19.8"
},
{
"status": "affected",
"version": "1.20.x before 1.20.7"
},
{
"status": "affected",
"version": "and 1.21.x before 1.21.2"
}
]
}
]Related
nvd
nvd
CVE-2013-4303
2019-12-11 19:15:12
debiancve
debiancve
CVE-2013-4303
2019-12-11 19:15:12
cve
cve
CVE-2013-4303
2019-12-11 19:15:12
prion
prion
Cross site scripting
2019-12-11 19:15:00
ubuntucve
ubuntucve
CVE-2013-4303
2019-12-11 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: mediawiki-1.21.2-1.fc19
2013-09-20 16:26:42
[SECURITY] Fedora 20 Update: mediawiki-1.21.2-1.fc20
2013-09-23 00:16:58
[SECURITY] Fedora 18 Update: mediawiki-1.19.8-1.fc18
2013-09-20 16:25:33
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0276)
2022-01-28 00:00:00
Fedora Update for mediawiki FEDORA-2013-15984
2013-09-24 00:00:00
Fedora Update for mediawiki FEDORA-2013-15984
2013-09-24 00:00:00
nessus
nessus
Fedora 19 : mediawiki-1.21.2-1.fc19 (2013-15984)
2013-09-21 00:00:00
Fedora 20 : mediawiki-1.21.2-1.fc20 (2013-15937)
2013-09-23 00:00:00
Fedora 18 : mediawiki-1.19.8-1.fc18 (2013-15994)
2013-09-21 00:00:00
mageia
mageia
Updated mediawiki package fixes security vulnerabilities
2013-09-14 00:15:05
securityvulns
securityvulns
[ MDVSA-2013:235 ] mediawiki
2013-10-03 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2013-10-28 00:00:00