Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-35479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return o...

6.1CVSS6.8AI score0.01476EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2021-0086)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6AI score0.01573EPSS
Exploits2References6
Mageia
Mageia
added 2021/02/19 10:27 a.m.86 views

Updated mediawiki packages fix security vulnerability

In MediaWiki before 1.31.11, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colu...

7.5CVSS6.6AI score0.01573EPSS
Exploits2References4
ALT Linux
ALT Linux
added 2020/12/30 12:0 a.m.28 views

Security fix for the ALT Linux 9 package mediawiki version 1.35.1-alt1

1.35.1-alt1 built Dec. 30, 2020 Vitaly Lipatov in task 263837 Dec. 23, 2020 Vitaly Lipatov - new version 1.35.1 with rpmrb script - T268894, CVE-2020-35474, T268917, CVE-2020-35475 - T268938, CVE-2020-35478, CVE-2020-35479 - T205908, CVE-2020-35477, T120883, CVE-2020-35480...

5CVSS6AI score0.01573EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2020/12/28 12:0 a.m.51 views

Fedora 33 : mediawiki (2020-0be2d40e13)

https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-December /000268.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible witho...

7.5CVSS6.2AI score0.01573EPSS
Exploits4References8
Debian
Debian
added 2020/12/23 1:38 a.m.58 views

[SECURITY] [DLA 2504-1] mediawiki security update

Debian LTS Advisory DLA-2504-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez December 22, 2020 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.27.7-1deb9u7 CVE ID : CVE-2020-15005 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480 Multiple security...

6.1CVSS6.3AI score0.01516EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2020/12/23 12:0 a.m.40 views

Debian DLA-2504-1 : mediawiki security update

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work. CVE-2020-15005 Private wikis behind a caching server using the imgauth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them...

6.1CVSS5.9AI score0.01516EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2020/12/23 12:0 a.m.22 views

Debian: Security Advisory (DLA-2504-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.8AI score0.01516EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2020/12/22 12:0 a.m.18 views

MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

7.5CVSS6.1AI score0.01573EPSS
Exploits4References1
OpenVAS
OpenVAS
added 2020/12/22 12:0 a.m.24 views

MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

7.5CVSS6.1AI score0.01573EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2020/12/21 12:0 a.m.39 views

Debian DSA-4816-1 : mediawiki - security update

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or the disclosure of hidden users. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

7.5CVSS6.2AI score0.01573EPSS
Exploits2References9
Circl
Circl
added 2020/12/18 12:47 p.m.5 views

CVE-2020-35479

creationtimestamp| type| source ---|---|--- 2020-12-18 12:47:04+00:00| seen| https://t.me/cibsecurity/21066...

6.1CVSS6.4AI score0.01476EPSS
Exploits1References1
Debian
Debian
added 2020/12/18 9:46 a.m.54 views

[SECURITY] [DSA 4816-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4816-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 18, 2020 https://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.01573EPSS
Exploits2
OSV
OSV
added 2020/12/18 8:15 a.m.2 views

DEBIAN-CVE-2020-35479

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value. This affects MediaWiki 1.12.0 and later...

6.1CVSS6.4AI score0.01476EPSS
Exploits1References1
CVE
CVE
added 2020/12/18 7:42 a.m.84 views

CVE-2020-35479

CVE-2020-35479 affects MediaWiki prior to 1.35.1. The vulnerability is due to XSS through BlockLogFormatter.php, caused by Language::translateBlockExpiry not escaping in all code paths (e.g., Language::userTimeAndDate returns HTML-unsafe month values). Affected versions include MediaWiki 1.12.0 a...

6.1CVSS6.3AI score0.01476EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2020/12/18 7:42 a.m.22 views

CVE-2020-35479

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value. This affects MediaWiki 1.12.0 and later...

6.4AI score0.01476EPSS
Exploits1References5
Rows per page
Query Builder