MediaWiki < 1.23.7 Multiple Vulnerabilities

2016-08-05T00:00:00
ID 9476.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00

Description

The version of MediaWiki installed is 1.23.x earlier than 1.23.7 and is affected by multiple vulnerabilities :

  • A flaw exists that allows a reflected cross-site scripting (XSS) attack. This flaw exists because 'Special:ExpandTemplates' does not validate input to the 'wpInput' parameter before rendering it in raw HTML and returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. (CVE-2014-9276)
  • A flaw in the 'wfMangleFlashPolicy()' function in the 'OutputHandler.php' script is triggered as API output that contains 'cross-domain-policy' becomes corrupted when being handled by the aforementioned function. This may allow a remote attacker to more easily bypass intended cross-domain-policy restrictions. (CVE-2014-9277)

                                        
                                            Binary data 9476.prm