Lucene search

Fluid AttacksCVELIST:CVE-2023-3550

HistorySep 25, 2023 - 3:20 p.m.

CVE-2023-3550 Stored XSS leads to privilege escalation in MediaWiki v1.40.0

2023-09-2515:20:27

CWE-79

Fluid Attacks

www.cve.org

cve-2023-3550

stored xss

mediawiki v1.40.0

xml files

remote attacker

administrator

exploit

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

Mediawiki v1.40.0 does not validate namespaces used in XML files.

Therefore, if the instance administrator allows XML file uploads,

a remote attacker with a low-privileged user account can use this

exploit to become an administrator by sending a malicious link to

the instance administrator.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "MacOS"
    ],
    "product": "MediaWiki",
    "vendor": "MediaWiki",
    "versions": [
      {
        "status": "affected",
        "version": "1.40.0"
      }
    ]
  }
]

References

fluidattacks.com/advisories/blondie/

lists.debian.org/debian-lts-announce/2023/11/msg00027.html

lists.fedoraproject.org/archives/list/[email protected]/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/

www.debian.org/security/2023/dsa-5520

www.mediawiki.org/wiki/MediaWiki/

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

Related for CVELIST:CVE-2023-3550