2 matches found
MediaWiki XXE Vulnerability - Windows
The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service DoS, or possibly have other impact via an XML external entity XXE attack. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...
CVE-2014-9487
CVE-2014-9487 involves the getID3 library used by MediaWiki. The flaw enables an XML External Entity (XXE) attack that can cause the system to read arbitrary files, with potential denial of service or other impact. Affected MediaWiki versions are 1.19.23, 1.22.15, 1.23.8, and 1.24.0 prior to 1.24...