3 matches found
PT-2023-12138 · Mediawiki +1 · Visualeditor +2
Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31 through 1.31.12 MediaWiki versions 1.32.x through 1.35.1 Description: An issue was discovered in the VisualEditor extension. When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden,...
PT-2020-6810 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.x through 1.31.9 MediaWiki versions 1.32.x through 1.34.x before 1.34.4 Description: The issue is related to errors in permission handling in the Special:UserRights component of MediaWiki. This can allow a remote...
PT-2020-6811 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.10 and earlier MediaWiki versions 1.32.x through 1.34.3 Description: An issue was discovered in the non-jqueryMsg version of mw.message.parse, which doesn't escape HTML. This affects both message contents and the...