Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2014/10/22 12:0 a.m.27 views

Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:198)

Updated mediawiki packages fix security vulnerability : MediaWiki before 1.23.4 is vulnerable to cross-site scripting due to JavaScript injection via CSS in uploaded SVG files CVE-2014-7199. MediaWiki before 1.23.5 is vulnerable to cross-site scripting due to JavaScript injection via...

4.3CVSS7.8AI score0.01983EPSS
Exploits0References3
Mageia
Mageia
added 2014/10/07 9:22 a.m.28 views

Updated mediawiki packages fix security vulnerbilities

Updated mediawiki packages fix security vulnerability: MediaWiki before 1.23.4 is vulnerable to cross-site scripting due to JavaScript injection via CSS in uploaded SVG files CVE-2014-7199. MediaWiki before 1.23.5 is vulnerable to cross-site scripting due to JavaScript injection via user-specific...

4.3CVSS8.9AI score0.01983EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/10/07 12:0 a.m.29 views

Fedora Update for mediawiki FEDORA-2014-11727

Check the version of mediawiki SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868360";...

7.5CVSS7AI score0.42777EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2014/10/01 12:0 a.m.25 views

Debian Security Advisory DSA 3036-1 (mediawiki - security update)

It was discovered that MediaWiki, a wiki engine, did not sufficiently filter CSS in uploaded SVG files, allowing for cross site scripting. OpenVAS Vulnerability Test $Id: deb3036.nasl 8972 2018-02-28 07:02:10Z cfischer $ Auto-generated from advisory DSA 3036-1 using nvtgen 1.0 Script version: 1.0...

4.3CVSS0.01983EPSS
Exploits0References1
OSV
OSV
added 2014/09/30 2:55 p.m.8 views

CVE-2014-7199

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.19, 1.22.x before 1.22.11, and 1.23.x before 1.23.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file...

5.3AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2014/09/30 2:55 p.m.26 views

CVE-2014-7199

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.19, 1.22.x before 1.22.11, and 1.23.x before 1.23.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file...

4.3CVSS7.3AI score0.01983EPSS
Exploits0References1
CVE
CVE
added 2014/09/30 2:0 p.m.71 views

CVE-2014-7199

CVE-2014-7199 is a MediaWiki XSS vulnerability due to crafted SVG handling. Affected versions are MediaWiki before 1.19.19, 1.22.x before 1.22.11, and 1.23.x before 1.23.4. An attacker could inject arbitrary web script/HTML via an SVG file uploaded to the wiki, enabling remote code execution in t...

4.3CVSS5.8AI score0.01983EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder