EUVD-2010-1219

Malware in sbrugna...

Debian Security Advisory DSA 2366-1 (mediawiki)

The remote host is missing an update to mediawiki announced via advisory DSA 2366-1. OpenVAS Vulnerability Test $Id: deb23661.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2366-1 mediawiki Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian DSA-2366-1 : mediawiki - multiple vulnerabilities

Several problems have been discovered in MediaWiki, a website engine for collaborative work. - CVE-2011-1578 CVE-2011-1587 Masato Kinugawa discovered a cross-site scripting XSS issue, which affects Internet Explorer clients only, and only version 6 and earlier. Web server configuration changes ar...

[SECURITY] [DSA 2366-1] mediawiki security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2366-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire December 18, 2011 http://www.debian.org/security/faq -...

CVE-2011-1579

The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets CSS token sequences, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive information by using the \2f\2a an...

Fedora 12 : mediawiki-1.15.3-53.fc12 (2010-6335)

This is a security and bugfix release of MediaWiki 1.15.3. Three security issues are fixed in this update: A CSS validation issue was discovered which allows editors to display external images in wiki pages. A data leakage vulnerability was discovered in thumb.php which affects wikis which restri...

openSUSE Security Update : mediawiki (openSUSE-SU-2010:0154-1)

MediaWiki was prone to a CSS validation flaw and data leakage vulnerability CVE-2010-1189, CVE-2010-1190. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mediawiki-2356. The text description o...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

Input validation

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

CVE-2010-1189

MediaWiki prior to 1.15.2 is affected by a CSS validation issue that allows editors to link to images on attacker‑controlled sites, enabling collection of IP addresses and other user information. The root cause is the CSS validation check not preventing this behavior. Impact is limited to disclos...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

Debian DSA-2022-1 : mediawiki - several vulnerabilities

Several vulnerabilities have been discovered in mediawiki, a web-based wiki engine. The following issues have been identified : - Insufficient input sanitization in the CSS validation code allows editors to display external images in wiki pages. This can be a privacy concern on public wikis as it...

[SECURITY] [DSA 2022-1] New mediawiki packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA-2022-1 [email protected] http://www.debian.org/security/ Nico Golde March 23th, 2010 http://www.debian.org/security/faq -...

DSA-2022-1 mediawiki - several vulnerabilities

Bulletin has no description...

MediaWiki < 1.15.2 'CSS validation' Information Disclosure Vulnerability

MediaWiki is prone to an information disclosure vulnerability because it fails to properly restrict the posting of remote images. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2009-0942

Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets CSS are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files...