4 matches found
MediaWiki < 1.19.24 / 1.23.9 / 1.24.2 Multiple Vulnerabilities
According to its version number, the MediaWiki application running on the remote host is affected by the following vulnerabilities : - An input validation error exists related to handling API errors that allows reflected cross-site scripting attacks. CVE-2014-9714, CVE-2015-2941 - An input...
[ MDVSA-2015:200 ] mediawiki
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:200 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : April 10, 2015 Affected: Business Server 1.0 Problem Description: Updated mediawiki packages fix security vulnerabilities: In...
CVE-2015-2937
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service "quadratic blowup" and memory consumption via an XML file containing an entity declaration with long replacement text and many references to th...
CVE-2015-2937
CVE-2015-2937 affects MediaWiki prior to 1.19.24, 1.2x prior to 1.23.9, and 1.24.x prior to 1.24.2 when running with HHVM or Zend PHP. It enables a remote attacker to cause denial of service via an XML file containing an entity declaration with long replacement text and many references to the ent...