MediaWiki 1.23.x < 1.23.15 / 1.26.x < 1.26.4 / 1.27.x < 1.27.1 Multiple Vulnerabilities

According to its version number, the MediaWiki application running on the remote web server is 1.23.x prior to 1.23.15, 1.26.x prior to 1.26.4, or 1.27.x prior to 1.27.1. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in the...

Cross site scripting

MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgContentHandlerUseDB is enabled, allows remote attackers to conduct cross-site scripting XSS attacks by setting the content model for a revision to JS...

CVE-2014-9507

MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgContentHandlerUseDB is enabled, allows remote attackers to conduct cross-site scripting XSS attacks by setting the content model for a revision to JS...

CVE-2014-5242

Cross-site scripting XSS vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value...

CVE-2014-5242

Affected software: MediaWiki 1.22.x (before 1.22.9) and 1.23.x (before 1.23.2). Vulnerability: Cross-site scripting (XSS) in mediawiki.page.image.pagination.js. Root cause / vector: attackers can inject arbitrary web script or HTML via the multipageimagenavbox class when action=raw is involved. I...

CVE-2014-5242

Cross-site scripting XSS vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value...

PT-2010-1023 · Debian · Lintian

Name of the Vulnerable Software and Affected Versions: Lintian versions 1.23.x through 1.23.28 Lintian versions 1.24.x through 1.24.2.1 Lintian versions 2.x before 2.3.2 Description: Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files or obtain sensiti...