3 matches found
MediaWiki < 1.19.24 / 1.23.9 / 1.24.2 Multiple Vulnerabilities
According to its version number, the MediaWiki application running on the remote host is affected by the following vulnerabilities : - An input validation error exists related to handling API errors that allows reflected cross-site scripting attacks. CVE-2014-9714, CVE-2015-2941 - An input...
CVE-2015-2942
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to cause a denial of service CPU and memory consumption via a large number of nested entity references in an 1 SVG file or 2 XMP metadata in a PDF file, aka a "billion laughs attack," ...
CVE-2015-2942
CVE-2015-2942 affects MediaWiki prior to 1.19.24, 1.2.x prior to 1.23.9, and 1.24.x prior to 1.24.2 when used with HHVM. A vulnerability arises from processing a large number of nested entity references in an SVG file or in XMP metadata inside a PDF, enabling a remote attacker to trigger a denial...