3 matches found
CVE-2017-0364
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Special:Search allows redirects to any interwiki link...
CVE-2017-0364
CVE-2017-0364 affects MediaWiki prior to 1.28.1, 1.27.2, and 1.23.16. The flaw is that Special:Search can redirect the user to any interwiki link, enabling potential misleading redirects within the wiki ecosystem. Connected sources corroborate the same vulnerability description across multiple fe...
Fedora 25 : mediawiki (2017-3fb95ed01f)
T109140 T122209 Special:UserLogin and Special:Search allow redirect to interwiki links. CVE-2017-0363, CVE-2017-0364 - T144845 XSS in SearchHighlighter::highlightText when $wgAdvancedSearchHighlighting is true. CVE-2017-0365 - T125177 API parameters may now be marked as 'sensitive' to keep their...