7 matches found
EUVD-2021-32240
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-45474
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MediaWiki through 1.37, the Special:ImportFile URI aka FileImporter allows XSS, as demonstrated by the clientUrl parameter. CVE-2021-45474 Note that Nessus...
BIT-MEDIAWIKI-2021-45474
In MediaWiki through 1.37, the Special:ImportFile URI aka FileImporter allows XSS, as demonstrated by the clientUrl parameter...
MediaWiki Cross-Site Scripting Vulnerability (CNVD-2022-08322)
MediaWiki is a free and free-to-use web-based wiki engine from the US-based MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki 1.37 and earlier versions, which stems from th...
CVE-2021-45474
In MediaWiki through 1.37, the Special:ImportFile URI aka FileImporter allows XSS, as demonstrated by the clientUrl parameter...
UBUNTU-CVE-2021-45474
In MediaWiki through 1.37, the Special:ImportFile URI aka FileImporter allows XSS, as demonstrated by the clientUrl parameter...
CVE-2021-45474
In MediaWiki up to 1.37, the Special:ImportFile (FileImporter) accepts the clientUrl parameter without proper escaping, allowing cross-site scripting (XSS). The root cause is insufficient sanitization of the clientUrl input in the ImportFile workflow. The CVE entry documents this vulnerability an...