Lucene search
RedhatCVELIST:CVE-2013-4303HistoryDec 11, 2019 - 6:30 p.m.
CVE-2013-4303
2019-12-1118:30:37
redhat
www.cve.org
includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of “.” (period) characters in a string, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the siprop parameter in a query action to wiki/api.php.
CNA Affected
[
{
"product": "MediaWiki",
"vendor": "Wikimedia Foundation",
"versions": [
{
"status": "affected",
"version": "1.19.x before 1.19.8"
},
{
"status": "affected",
"version": "1.20.x before 1.20.7"
},
{
"status": "affected",
"version": "and 1.21.x before 1.21.2"
}
]
}
]Related
cve
cve
CVE-2013-4303
2019-12-11 19:15:12
debiancve
debiancve
CVE-2013-4303
2019-12-11 19:15:12
nvd
nvd
CVE-2013-4303
2019-12-11 19:15:12
prion
prion
Cross site scripting
2019-12-11 19:15:00
ubuntucve
ubuntucve
CVE-2013-4303
2019-12-11 00:00:00
nessus
nessus
Fedora 19 : mediawiki-1.21.2-1.fc19 (2013-15984)
2013-09-21 00:00:00
Fedora 20 : mediawiki-1.21.2-1.fc20 (2013-15937)
2013-09-23 00:00:00
Fedora 18 : mediawiki-1.19.8-1.fc18 (2013-15994)
2013-09-21 00:00:00
openvas
openvas
Fedora Update for mediawiki FEDORA-2013-15984
2013-09-24 00:00:00
Mageia: Security Advisory (MGASA-2013-0276)
2022-01-28 00:00:00
Fedora Update for mediawiki FEDORA-2013-15984
2013-09-24 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: mediawiki-1.21.2-1.fc20
2013-09-23 00:16:58
[SECURITY] Fedora 19 Update: mediawiki-1.21.2-1.fc19
2013-09-20 16:26:42
[SECURITY] Fedora 18 Update: mediawiki-1.19.8-1.fc18
2013-09-20 16:25:33
mageia
mageia
Updated mediawiki package fixes security vulnerabilities
2013-09-14 00:15:05
securityvulns
securityvulns
[ MDVSA-2013:235 ] mediawiki
2013-10-03 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2013-10-28 00:00:00