Lucene search
K

6 matches found

CVE
CVE
added 3 days ago11 views

CVE-2026-58033

CVE-2026-58033 affects Wikimedia Foundation MediaWiki and involves exposure of sensitive information via the includes/Actions/InfoAction.Php path. The issue impacts MediaWiki versions prior to 1.46.0, including 1.45.4, 1.44.6, and 1.43.9. The connected sources consistently describe the vulnerabil...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-58033

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/InfoAction.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/17 4:7 a.m.9 views

Cross-site scripting vulnerability in includes/actions/InfoAction.php

Cross-site scripting XSS vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action...

4.3CVSS5.7AI score0.02377EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/05/01 12:0 a.m.20 views

MediaWiki < 1.21.9 / 1.22.6 'InfoAction.php' XSS

According to its version number, the instance of MediaWiki running on the remote host is affected by a cross-site scripting vulnerability. A flaw exists with 'sortKey' in the 'InfoAction.php' script. This allows a remote attacker to execute arbitrary code within the server and browser trust...

4.3CVSS8.5AI score0.02377EPSS
Exploits0References5
Prion
Prion
added 2014/04/29 6:55 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action...

4.3CVSS6AI score0.02377EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2014/04/29 6:0 p.m.65 views

CVE-2014-2853

CVE-2014-2853 is a cross-site scripting vulnerability in MediaWiki’s includes/actions/InfoAction.php. The issue allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action. Affected versions are MediaWiki before 1.21.9 and 1.22.x before 1.22.6; the vulnerabil...

4.3CVSS5.8AI score0.02377EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder