CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
23.7%
A vulnerability in the Wikibase extension of the MediaWiki hypertext environment implementation software tool
is related to the lack of restrictions on the speed of merging elements no. Exploitation of the vulnerability could
allow an attacker acting remotely to affect the integrity and availability of protected
information
Vulnerability in the SportsTeams extension of the MediaWiki hypertext environment implementation software tool
is related to failure to validate the anti-CSRF edit token in Special:SportsTeamsManager and
Special:UpdateFavoriteTeams. Exploitation of the vulnerability could allow an attacker acting remotely,
compromise the confidentiality, integrity and availability of protected information
Vulnerability in the file includes/page/Article.php of the software tool for implementing hypertext environment
MediaWiki is related to incorrect assignment of permissions for a critical resource when checking the request for
certificate signature request. Exploitation of the vulnerability could allow an attacker acting remotely to gain
Unauthorized access to protected information
Vulnerability in the DifferenceEngine.php file of a software tool for implementing a hypertext environment
MediaWiki is related to user name ignoring. Exploitation of the vulnerability could allow
an attacker acting remotely to gain access to confidential information
Vulnerability in the ProofreadPage extension of the hypertext environment implementation software tool
MediaWiki is related to the possibility XSS could occur via formatNumNoSeparators. Exploitation of the
of the vulnerability could allow an attacker acting remotely to compromise confidentiality, carry out
cross-site scripting attacks
Vulnerability in the PageTriage extension of the MediaWiki hypertext environment implementation tool
is related to the disclosure of hidden user names. Exploitation of the vulnerability could allow an attacker,
acting remotely, unauthorized access to protected information
Vulnerability in the Wikibase extension of the MediaWiki hypertext environment implementation software tool
is related to failure to run edit filters. Exploitation of the vulnerability could allow an intruder,
acting remotely, compromise confidentiality, impact data integrity
Vulnerability in the MediaWiki hypertext environment implementation software is related to incorrect input neutralization during web creation.
input neutralization during web page creation. Exploitation of the vulnerability could allow an attacker,
acting remotely, to perform cross-site scripting attacks
Vulnerability in the ApiPageSet.php file of the MediaWiki hypertext environment implementation software tool
is associated with an unbounded loop and RequestTimeoutException when a request for it is
redirected to other variants with redirects set and headers converted.
Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
Vulnerability in the SportsTeams extension of the MediaWiki hypertext implementation software tool
is related to a lack of permission checking. Exploitation of the vulnerability could allow an attacker,
remotely compromise the confidentiality, integrity, and availability of protected information.
Vulnerability in CheckUser extension of the MediaWiki hypertext environment implementation software is related to the use of rest.php URL.
is related to the use of the URL rest.php/checkuser/v0/useragent-clienthints/revision/ to store an
an arbitrary number of strings in cu_useragent_clienthints. Exploitation of the vulnerability could allow
an attacker acting remotely to cause a denial of service
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
23.7%