Lucene search
K

28 matches found

Prion
Prion
added 2019/12/19 7:15 p.m.17 views

Code injection

The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 1.35 and/or 1.34 mishandles certain HTML attributes, as demonstrated by IMG onmouseover= impact is XSS and IMG src=http impact is disclosing the client's IP address. This can occur within a talk page topical header that is viewed...

4.3CVSS6.1AI score0.00655EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/12/19 6:41 p.m.23 views

CVE-2019-19910

The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 1.35 and/or 1.34 mishandles certain HTML attributes, as demonstrated by IMG onmouseover= impact is XSS and IMG src=http impact is disclosing the client's IP address. This can occur within a talk page topical header that is viewed...

6.2AI score0.00655EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/13 12:0 a.m.3 views

MediaWiki MobileFrontend extension cross-site scripting vulnerability

MediaWiki is the American MediaWiki Wikimedia Foundation's set of free and free web-based Wiki engine. The product can be used to deploy in-house knowledge management and content management systems. mobileFrontend extension is used in one of the mobile front-end extension. A cross-site scripting...

6.1CVSS6.4AI score0.00699EPSS
Exploits0References1
NVD
NVD
added 2019/08/09 9:15 p.m.18 views

CVE-2019-14807

In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php...

6.1CVSS6AI score0.00699EPSS
Exploits0References2
OSV
OSV
added 2019/08/09 9:15 p.m.4 views

CVE-2019-14807

In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php...

6.1CVSS6.3AI score0.00699EPSS
Exploits0References2
Prion
Prion
added 2019/08/09 9:15 p.m.18 views

Design/Logic Flaw

In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php...

4.3CVSS6AI score0.00699EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/09 8:28 p.m.21 views

CVE-2019-14807

In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php...

6.1AI score0.00699EPSS
Exploits0References2
CVE
CVE
added 2019/08/09 8:28 p.m.152 views

CVE-2019-14807

CVE-2019-14807 concerns the MediaWiki MobileFrontend extension (versions 1.31–1.33). The vulnerability is a cross-site scripting flaw in the edit summary field of includes/specials/MobileSpecialPageFeed.php, caused by a lack of proper validation of client-side data. Documents indicate the issue, ...

6.1CVSS6AI score0.00699EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder