Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2014-0124)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS7AI score0.0245EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.47 views

Fedora Update for mediawiki FEDORA-2014-3338

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.42777EPSS
Exploits15References2
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.42 views

Fedora Update for mediawiki FEDORA-2014-3344

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.42777EPSS
Exploits15References2
seebug.org
seebug.org
added 2014/03/06 12:0 a.m.45 views

MediaWiki 'includes/upload/UploadBase.php'跨站脚本漏洞

BUGTRAQ ID:65910 CVE ID:CVE-2014-2242 MediaWiki是一款Wiki程序。 MediaWiki 'includes/upload/UploadBase.php'脚本跨站脚本漏洞。由于程序未能限制SVG文件使用无效的命名空间,远程攻击者可通过上传特制的SVG文件利用该漏洞实施跨站脚本攻击。 0 MediaWiki Mediawiki = 1.19.11 MediaWiki Mediawiki 1.20.x MediaWiki Mediawiki 1.21.x1.21.6 MediaWiki Mediawiki 1.22.x1.22.3 厂商补丁:...

4.3CVSS0.1AI score0.0245EPSS
Exploits1
OSV
OSV
added 2014/03/02 4:57 a.m.4 views

CVE-2014-2242

includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x before 1.21.6, and 1.22.x before 1.22.3 does not prevent use of invalid namespaces in SVG files, which allows remote attackers to conduct cross-site scripting XSS attacks via an SVG upload, as demonstrated by use of a W...

5.6AI score
Exploits0References8
CVE
CVE
added 2014/03/02 2:0 a.m.65 views

CVE-2014-2242

The CVE affects MediaWiki versions using UploadBase.php (before 1.19.12; 1.20.x before 1.21.6; 1.21.x before 1.21.6; 1.22.x before 1.22.3). It stems from not blocking invalid SVG namespaces, allowing XSS via SVG uploads (e.g., W3C XHTML namespace with an IFRAME). Exploitation is via SVG upload; i...

4.3CVSS5.8AI score0.0245EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2014/03/02 2:0 a.m.39 views

CVE-2014-2242

includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x before 1.21.6, and 1.22.x before 1.22.3 does not prevent use of invalid namespaces in SVG files, which allows remote attackers to conduct cross-site scripting XSS attacks via an SVG upload, as demonstrated by use of a W...

4.3CVSS7AI score0.0245EPSS
Exploits1
Rows per page
Query Builder