Lucene search
HistoryMay 12, 2014 - 2:55 p.m.
CVE-2013-6452
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.2
Confidence
High
EPSS
0.002
Percentile
53.5%
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via crafted XSL in an SVG file.
Affected configurations
Node
mediawikimediawikiMatch1.22.0
Node
mediawikimediawikiMatch1.21
ORmediawikimediawikiMatch1.21.1
ORmediawikimediawikiMatch1.21.2
ORmediawikimediawikiMatch1.21.3
Node
mediawikimediawikiRange≤1.19.9
ORmediawikimediawikiMatch1.19
ORmediawikimediawikiMatch1.19beta_1
ORmediawikimediawikiMatch1.19beta_2
ORmediawikimediawikiMatch1.19.0
ORmediawikimediawikiMatch1.19.1
ORmediawikimediawikiMatch1.19.2
ORmediawikimediawikiMatch1.19.3
ORmediawikimediawikiMatch1.19.4
ORmediawikimediawikiMatch1.19.5
ORmediawikimediawikiMatch1.19.6
ORmediawikimediawikiMatch1.19.7
ORmediawikimediawikiMatch1.19.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mediawiki | mediawiki | 1.22.0 | cpe:2.3:a:mediawiki:mediawiki:1.22.0:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.21 | cpe:2.3:a:mediawiki:mediawiki:1.21:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.21.1 | cpe:2.3:a:mediawiki:mediawiki:1.21.1:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.21.2 | cpe:2.3:a:mediawiki:mediawiki:1.21.2:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.21.3 | cpe:2.3:a:mediawiki:mediawiki:1.21.3:*:*:*:*:*:*:* |
| mediawiki | mediawiki | * | cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19 | cpe:2.3:a:mediawiki:mediawiki:1.19:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19 | cpe:2.3:a:mediawiki:mediawiki:1.19:beta_1:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19 | cpe:2.3:a:mediawiki:mediawiki:1.19:beta_2:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19.0 | cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2013-6452
2014-05-12 14:55:06
ubuntucve
ubuntucve
CVE-2013-6452
2014-05-12 00:00:00
debiancve
debiancve
CVE-2013-6452
2014-05-12 14:55:06
cvelist
cvelist
CVE-2013-6452
2014-05-12 14:00:00
prion
prion
Cross site scripting
2014-05-12 14:55:00
openvas
openvas
MediaWiki Multiple Vulnerabilities -02 (Nov 2015) - Windows
2015-11-26 00:00:00
MediaWiki Multiple Vulnerabilities -02 (Nov 2015) - Linux
2015-11-26 00:00:00
Mageia: Security Advisory (MGASA-2014-0113)
2022-01-28 00:00:00
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2014-03-03 00:53:30
fedora
fedora
[SECURITY] Fedora 20 Update: mediawiki-1.21.5-1.fc20
2014-02-07 03:09:15
[SECURITY] Fedora 19 Update: mediawiki-1.21.5-1.fc19
2014-02-07 03:06:58
[SECURITY] Fedora 19 Update: mediawiki-1.21.9-1.fc19
2014-05-06 03:34:45
securityvulns
securityvulns
[ MDVSA-2014:057 ] mediawiki
2014-05-05 00:00:00
debian
debian
[SECURITY] [DSA 2891-2] mediawiki regression update
2014-03-31 17:07:21
[SECURITY] [DSA 2891-1] mediawiki security update
2014-03-30 09:25:39
[SECURITY] [DSA 2891-3] mediawiki regression update
2014-04-04 18:02:59
nessus
nessus
Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:057)
2014-03-14 00:00:00
MediaWiki < 1.19.10 / 1.21.4 / 1.22.1 Multiple Vulnerabilities
2014-02-06 00:00:00
Debian DSA-2891-1 : mediawiki, mediawiki-extensions Multiple Vulnerabilities
2014-03-31 00:00:00
osv
osv
mediawiki - security update
2014-03-30 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2015-02-07 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.2
Confidence
High
EPSS
0.002
Percentile
53.5%
Related for NVD:CVE-2013-6452