7 matches found
voting-station.net Cross Site Scripting vulnerability OBB-3445615
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
[SECURITY] [DSA 2891-2] mediawiki regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-2891-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2891-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2891-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 30, 2014 http://www.debian.org/security/faq -...
Mandriva Linux Security Advisory : mediawiki (MDVSA-2013:290)
Updated mediawiki packages fix security vulnerabilities : Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting JavaScript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. Internal review while debugging a site issue discovered that...
CVE-2013-4567
CVE-2013-4567 describes an incomplete blacklist in MediaWiki’s CSS sanitizer (Sanitizer::checkCss), enabling remote XSS via a backspace character in CSS. Affected are MediaWiki releases prior to fixed updates: 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3. The issue arises from insuf...
Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. Internal review while debugging a site issue discovered that...
Fedora Update for mediawiki FEDORA-2013-21874
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...