4 matches found
CVE-2017-0369
CVE-2017-0369 affects MediaWiki prior to 1.28.1, 1.27.2, and 1.23.16, exposing a flaw where sysops could undelete pages despite protection. Connected sources corroborate the issue across multiple advisories (Fedora/Mageia) and vulnerability trackers, without detailing exploit vectors beyond the u...
CVE-2017-0369
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it...
CVE-2017-0369 Sysops can undelete pages, although the page is protected against it
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it...
Fedora 25 : mediawiki (2017-3fb95ed01f)
T109140 T122209 Special:UserLogin and Special:Search allow redirect to interwiki links. CVE-2017-0363, CVE-2017-0364 - T144845 XSS in SearchHighlighter::highlightText when $wgAdvancedSearchHighlighting is true. CVE-2017-0365 - T125177 API parameters may now be marked as 'sensitive' to keep their...