Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2014/08/27 12:0 a.m.35 views

Fedora 20 : mediawiki-1.23.2-1.fc20 (2014-9583)

This is a major update from the 1.21 branch to the 1.23 long term support branch. - bug 68187 SECURITY: Prepend jsonp callback with comment. - CVE-2014-5241 - bug 66608 SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in JavaScript,instead of relying on the U...

6.8CVSS8AI score0.02074EPSS
Exploits3References5
NVD
NVD
added 2014/08/22 5:55 p.m.18 views

CVE-2014-5242

Cross-site scripting XSS vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value...

4.3CVSS5.5AI score0.02074EPSS
Exploits1References6
CVE
CVE
added 2014/08/22 5:0 p.m.58 views

CVE-2014-5242

Affected software: MediaWiki 1.22.x (before 1.22.9) and 1.23.x (before 1.23.2). Vulnerability: Cross-site scripting (XSS) in mediawiki.page.image.pagination.js. Root cause / vector: attackers can inject arbitrary web script or HTML via the multipageimagenavbox class when action=raw is involved. I...

4.3CVSS5.8AI score0.02074EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2014/08/22 5:0 p.m.29 views

CVE-2014-5242

Cross-site scripting XSS vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value...

5.9AI score0.02074EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2014/08/22 5:0 p.m.27 views

CVE-2014-5242

Cross-site scripting XSS vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value...

4.3CVSS8AI score0.02074EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/08/13 12:0 a.m.35 views

MediaWiki < 1.19.18 / 1.22.9 / 1.23.2 Multiple Vulnerabilities

According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities : - A flaw exists due to comments not being prepended to the JSONP callbacks. This allows a remote attacker, using a specially crafted SWF file, to perform a cross-si...

6.8CVSS8.4AI score0.02074EPSS
Exploits3References9
Mageia
Mageia
added 2014/08/05 8:8 p.m.38 views

Updated mediawiki packages fix security vulnerabilities

MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash CVE-2014-5241, XSS in mediawiki.page.image.pagination.js CVE-2014-5242, and clickjacking between OutputPage and ParserOutput CVE-2014-5243. This update provides MediaWiki 1.23.2, fixing these and other issues...

6.8CVSS9.1AI score0.02074EPSS
Exploits3References3
Rows per page
Query Builder