Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2014/08/27 12:0 a.m.35 views

Fedora 20 : mediawiki-1.23.2-1.fc20 (2014-9583)

This is a major update from the 1.21 branch to the 1.23 long term support branch. - bug 68187 SECURITY: Prepend jsonp callback with comment. - CVE-2014-5241 - bug 66608 SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in JavaScript,instead of relying on the U...

6.8CVSS8AI score0.02074EPSS
Exploits3References5
Debian
Debian
added 2014/08/23 3:27 p.m.22 views

[SECURITY] [DSA 3011-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3011-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 23, 2014 http://www.debian.org/security/faq -...

6.8CVSS1.4AI score0.01774EPSS
Exploits2
OSV
OSV
added 2014/08/23 12:0 a.m.26 views

DSA-3011-1 mediawiki - security update

Bulletin has no description...

6.8CVSS6.1AI score0.01774EPSS
Exploits2
OSV
OSV
added 2014/08/22 5:55 p.m.7 views

CVE-2014-5243

MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...

6.3AI score
Exploits0References8
CVE
CVE
added 2014/08/22 5:0 p.m.63 views

CVE-2014-5243

CVE-2014-5243 affects MediaWiki up to versions 1.22.x before 1.22.9 and 1.23.x before 1.23.2, plus earlier 1.19.18; the issue is failure to enforce an IFRAME protection mechanism for transcluded pages, enabling clickjacking via a crafted site. Connected advisories confirm related fixes and cross-...

4.3CVSS5.9AI score0.01774EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2014/08/22 5:0 p.m.25 views

CVE-2014-5243

MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...

6AI score0.01774EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2014/08/22 12:0 a.m.25 views

Debian: Security Advisory (DSA-3011-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7AI score0.01774EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2014/08/13 12:0 a.m.35 views

MediaWiki < 1.19.18 / 1.22.9 / 1.23.2 Multiple Vulnerabilities

According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities : - A flaw exists due to comments not being prepended to the JSONP callbacks. This allows a remote attacker, using a specially crafted SWF file, to perform a cross-si...

6.8CVSS8.4AI score0.02074EPSS
Exploits3References9
Mageia
Mageia
added 2014/08/05 8:8 p.m.37 views

Updated mediawiki packages fix security vulnerabilities

MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash CVE-2014-5241, XSS in mediawiki.page.image.pagination.js CVE-2014-5242, and clickjacking between OutputPage and ParserOutput CVE-2014-5243. This update provides MediaWiki 1.23.2, fixing these and other issues...

6.8CVSS9.1AI score0.02074EPSS
Exploits3References3
Rows per page
Query Builder