Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-28202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties ...

6.1CVSS6.4AI score0.01152EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/05 12:0 a.m.99 views

Debian DSA-5246-1 : mediawiki - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5246 advisory. - An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite...

8.1CVSS6.6AI score0.0182EPSS
Exploits3References33
OpenVAS
OpenVAS
added 2022/04/20 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2022-0145)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.01152EPSS
Exploits3References4
Mageia
Mageia
added 2022/04/18 7:42 a.m.60 views

Updated mediawiki packages fix security vulnerability

Title::newMainPage goes into an infinite recursion loop if it points to a local interwiki CVE-2022-28201. Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete CVE-2022-28202. Requesting Special:NewFiles on a wiki with many file uploads with acto...

7.5CVSS1.5AI score0.01152EPSS
Exploits3References2
NCSC
NCSC
added 2022/04/06 12:0 a.m.6 views

Vulnerabilities fixed in MediaWiki

There are vulnerabilities in MediaWiki. A malicious party could vulnerabilities potentially exploit them to cause a denial-of-service cause. To exploit, the malicious party must be able to modify page titles or only be able to modify a specially prepared URI to visit. A malicious party can exploi...

7.5CVSS6.9AI score0.01152EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/04/04 12:0 a.m.32 views

FreeBSD : mediawiki -- multiple vulnerabilities (79ea6066-b40e-11ec-8b93-080027b24e86)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 79ea6066-b40e-11ec-8b93-080027b24e86 advisory. - An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x...

7.5CVSS6AI score0.01152EPSS
Exploits3References6
NVD
NVD
added 2022/03/30 6:15 a.m.17 views

CVE-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

6.1CVSS0.01152EPSS
Exploits0References5
CVE
CVE
added 2022/03/30 12:0 a.m.111 views

CVE-2022-28202

CVE-2022-28202 affects MediaWiki pre-1.35.6, 1.36.x pre-1.36.4, and 1.37.x pre-1.37.2. The issue is an XSS in which the widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or in Special:RevisionDelete. Public disclosures in multiple advisories co...

6.1CVSS6.3AI score0.01152EPSS
Exploits0References5Affected Software1
FreeBSD
FreeBSD
added 2021/12/12 12:0 a.m.34 views

mediawiki -- multiple vulnerabilities

Mediawiki reports: T297543, CVE-2022-28202 Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete. T297571, CVE-2022-28201 Title::newMainPage goes into an infinite recursion loop if it points to a local interwiki. T297731, CVE-2022-28203 Requestin...

7.5CVSS1.4AI score0.01152EPSS
Exploits3References1
Rows per page
Query Builder