Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/07/09 3:14 p.m.4 views

CVE-2025-53486

The WikiCategoryTagCloud extension is vulnerable to reflected XSS via the linkstyle attribute, which is improperly concatenated into inline HTML without escaping. An attacker can inject JavaScript event handlers such as onmouseenter using carefully crafted input via the tag:tagcloud parser...

5.4CVSS6AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.5 views

Wikimedia Mediawiki - MintyDocs Extension 安全漏洞

Wikimedia Mediawiki - MintyDocs Extension is a document creation and management extension from the Wikimedia Foundation. A security vulnerability exists in Wikimedia Mediawiki - MintyDocs Extension that stems from improper input neutralization and could lead to a stored cross-site scripting attac...

3.7CVSS5.8AI score0.00239EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.3 views

Wikimedia Mediawiki - MintyDocs Extension 安全漏洞

Wikimedia Mediawiki - MintyDocs Extension is a document creation and management extension from the Wikimedia Foundation. A security vulnerability exists in Wikimedia Mediawiki - MintyDocs Extension that stems from improper input neutralization and could lead to a stored cross-site scripting attac...

6.5CVSS5.8AI score0.0023EPSS
Exploits1References2
OSV
OSV
added 2024/10/05 2:15 a.m.7 views

CVE-2024-47841

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal.This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from 1.39.X before 1.39.9...

7.5CVSS5.8AI score0.34179EPSS
Exploits1References3
NVD
NVD
added 2024/10/05 12:15 a.m.24 views

CVE-2024-47848

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia Foundation Mediawiki - PageTriage allows Authentication Bypass.This issue affects Mediawiki - PageTriage: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...

6.9CVSS0.00502EPSS
Exploits0References3
NVD
NVD
added 2023/11/03 5:15 a.m.17 views

CVE-2023-45360

An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers...

5.4CVSS5.9AI score0.00567EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/11/03 5:15 a.m.25 views

CVE-2023-45360

An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers...

5.4CVSS6.1AI score0.00567EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/11/03 12:0 a.m.38 views

CVE-2023-45362

An issue was discovered in DifferenceEngine.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. diff-multi-sameuser aka "X intermediate revisions by the same user not shown" ignores username suppression. This is an information leak...

4.3CVSS4.4AI score0.00626EPSS
Exploits1
CNNVD
CNNVD
added 2023/11/03 12:0 a.m.11 views

MediaWiki Cross-Site Scripting Vulnerability

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki before 1.35.12, versions 1.36.x through 1.39.5, a...

5.4CVSS6.1AI score0.00567EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2023/10/09 6:30 a.m.17 views

MediaWiki Denial of Service vulnerability

An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service unbounded loop and RequestTimeoutException when querying pages redirected to other variants with redirects and...

7.5CVSS6.5AI score0.22699EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2023/10/09 12:0 a.m.25 views

CVE-2023-45373

An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...

6.2AI score0.0032EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.5 views

MediaWiki 信息泄露漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.39.x and prior versions, which stems from...

5.3CVSS5.1AI score0.00601EPSS
Exploits1References3
Rows per page
Query Builder