9 matches found
Mageia: Security Advisory (MGASA-2014-0506)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MediaWiki < 1.23.7 Multiple Vulnerabilities
Binary data 9476.prm...
MediaWiki ExpandTemplates Extension < 1.24.1 Multiple Vulnerabilities (Jan 2015) - Active Check
The ExpandTemplates extension for MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2014-9276
Cross-site request forgery CSRF vulnerability in the Special:ExpandedTemplates page in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgRawHTML is set to true, allows remote attackers to hijack the authentication of users with edit permissions for...
CVE-2014-9276
Cross-site request forgery CSRF vulnerability in the Special:ExpandedTemplates page in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgRawHTML is set to true, allows remote attackers to hijack the authentication of users with edit permissions for...
CVE-2014-9276
Cross-site request forgery CSRF vulnerability in the Special:ExpandedTemplates page in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgRawHTML is set to true, allows remote attackers to hijack the authentication of users with edit permissions for...
CVE-2014-9276
CVE-2014-9276 is a CSRF vulnerability in the MediaWiki ExpandTemplates/related areas that affects 1.23.x before 1.23.7 and 1.22.x before 1.22.14, 1.20.x and earlier up to 1.19.22, when $wgRawHTML is true. The issue allows remote attackers to hijack the authentication of users with edit permission...
Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:241)
Updated mediawiki packages fix security vulnerabilies : In MediaWiki before 1.23.7, a missing CSRF check could allow reflected XSS on wikis that allow raw HTML CVE-2014-9276. MediaWiki's mangling, in MediaWiki before 1.23.7, could allow an article editor to inject code into API consumers that...
Updated mediawiki packages fix security vulnerabilies
In MediaWiki before 1.23.7, a missing CSRF check could allow reflected XSS on wikis that allow raw HTML CVE-2014-9276. MediaWiki's mangling, in MediaWiki before 1.23.7, could allow an article editor to inject code into API consumers that blindly unserialize PHP representations of the page from th...