Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2015/06/12 12:0 a.m.29 views

MediaWiki < 1.19.24 / 1.23.9 / 1.24.2 Multiple Vulnerabilities

According to its version number, the MediaWiki application running on the remote host is affected by the following vulnerabilities : - An input validation error exists related to handling API errors that allows reflected cross-site scripting attacks. CVE-2014-9714, CVE-2015-2941 - An input...

7.1CVSS8.4AI score0.02834EPSS
Exploits4References18
securityvulns
securityvulns
added 2015/05/12 12:0 a.m.92 views

[ MDVSA-2015:200 ] mediawiki

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:200 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : April 10, 2015 Affected: Business Server 1.0 Problem Description: Updated mediawiki packages fix security vulnerabilities: In...

7.1CVSS5.7AI score0.0271EPSS
Exploits1
NVD
NVD
added 2015/04/13 2:59 p.m.13 views

CVE-2015-2940

Cross-site request forgery CSRF vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors...

6.8CVSS6.6AI score0.01103EPSS
Exploits0References7
OSV
OSV
added 2015/04/13 2:59 p.m.6 views

CVE-2015-2940

Cross-site request forgery CSRF vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors...

6.5AI score
Exploits0References8
CVE
CVE
added 2015/04/13 2:0 p.m.62 views

CVE-2015-2940

CVE-2015-2940 is a CSRF flaw in the MediaWiki CheckUser extension that can allow a remote attacker to hijack a user’s session and retrieve sensitive information. The connected advisories corroborate this as part of multiple vulnerabilities affecting MediaWiki, with remediation guidance to upgrade...

6.8CVSS6.6AI score0.01103EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2015/04/13 2:0 p.m.26 views

CVE-2015-2940

Cross-site request forgery CSRF vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors...

6.8CVSS6.4AI score0.01103EPSS
Exploits0
Rows per page
Query Builder