25 matches found
EUVD-2021-22759
Malware in sbrugna...
BIT-MEDIAWIKI-2020-25813
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...
The vulnerability of the Special:UserRights component of the MediaWiki software, which enables the implementation of a hypertext environment, allows a perpetrator to disclose protected information.
The vulnerability of the Special:UserRights component of the MediaWiki software, which is used to implement the hypertext environment, is related to errors in permission handling. Exploiting this vulnerability could allow a malicious actor to disclose protected information...
The vulnerability of the “userrights-expiry-current” and “userrights-expiry-none” messages in the MediaWiki software environment, related to a lack of mechanisms for encoding or shielding output data, allows attackers to gain access to confidential information.
The vulnerability of the “userrights-expiry-current” and “userrights-expiry-none” messages in the MediaWiki software, which is used to implement the hypertext environment, is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability could allow a...
MediaWiki cross-site scripting vulnerability (CNVD-2020-74053)
MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. MediaWiki before 1.35.1 suffers from a cross-site scripting vulnerability tha...
MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Windows
MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...
Cross-site Scripting (XSS)
mediawiki is vulnerable to cross-site scripting XSS. The vulnerability exists when a user visits Special:UserRights and does not have rights to change all userrights, and the table on the left side has unchangeable groups in it...
CVE-2020-35475
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...
CVE-2020-35475
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...
Design/Logic Flaw
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...
CVE-2020-35475
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...
CVE-2020-35475
CVE-2020-35475 affects MediaWiki before 1.35.1. The vulnerability arises when certain messages, specifically userrights-expiry-current and userrights-expiry-none, contain raw HTML, allowing cross-site scripting (XSS) if a user visits Special:UserRights and cannot change all userrights; the left-h...
CVE-2020-35475
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...
MediaWiki 跨站脚本漏洞
MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. MediaWiki before 1.35.1 suffers from a cross-site scripting vulnerability tha...
Information Disclosure
MediaWiki is vulnerable to information disclosure. pecial:UserRights exposes the existence of hidden users to remote attackers...
CVE-2020-25813
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...
PT-2020-5806 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.1 Description: The issue is related to the messages userrights-expiry-current and userrights-expiry-none containing raw HTML, which can lead to XSS when a user visits Special:UserRights without having the righ...
CVE-2020-25813
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...
DEBIAN-CVE-2020-25813
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...
UBUNTU-CVE-2020-25813
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...