logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2014-5243

Description

MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.


Affected Package


OS OS Version Package Name Package Version
Debian 12 mediawiki 1:1.35.7-1
Debian 11 mediawiki 1:1.35.4-1+deb11u2
Debian 10 mediawiki 1:1.31.16-1+deb10u2
Debian 999 mediawiki 1:1.35.7-1

Related