Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2014-0253)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS6.5AI score0.02097EPSS
Exploits0References6
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.51 views

[SECURITY] [DSA 2957-1] mediawiki security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2957-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 12, 2014 http://www.debian.org/security/faq -...

2.6CVSS1.3AI score0.02097EPSS
Exploits0
Debian
Debian
added 2014/06/12 5:59 p.m.25 views

[SECURITY] [DSA 2957-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2957-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 12, 2014 http://www.debian.org/security/faq -...

2.6CVSS5.4AI score0.02097EPSS
Exploits0
OSV
OSV
added 2014/06/06 2:55 p.m.5 views

CVE-2014-3966

Cross-site scripting XSS vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username...

5.5AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2014/06/06 2:55 p.m.23 views

CVE-2014-3966

Cross-site scripting XSS vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username...

2.6CVSS6AI score0.02097EPSS
Exploits0References2
CVE
CVE
added 2014/06/06 2:0 p.m.66 views

CVE-2014-3966

CVE-2014-3966 is a cross-site scripting vulnerability in MediaWiki’s Special:PasswordReset when wgRawHtml is enabled. It affects MediaWiki versions prior to 1.19.16, 1.21.x prior to 1.21.10, and 1.22.x prior to 1.22.7, enabling remote attackers to inject arbitrary script/HTML via an invalid usern...

2.6CVSS5.5AI score0.02097EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2014/06/06 2:0 p.m.27 views

CVE-2014-3966

Cross-site scripting XSS vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username...

5.4AI score0.02097EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2014/06/06 2:0 p.m.21 views

CVE-2014-3966

Cross-site scripting XSS vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username...

2.6CVSS5.6AI score0.02097EPSS
Exploits0
Mageia
Mageia
added 2014/06/06 6:8 a.m.31 views

Updated mediawiki packages fix security vulnerability

XSS vulnerability in MediaWiki before 1.22.7, due to usernames on Special:PasswordReset being parsed as wikitext. The username on Special:PasswordReset can be supplied by anyone and will be parsed with wgRawHtml enabled. Since Special:PasswordReset is whitelisted by default on private wikis, this...

2.6CVSS5.9AI score0.02097EPSS
Exploits0References4
Rows per page
Query Builder