Lucene search
K

5 matches found

Mageia
Mageia
added 2019/09/15 2:45 p.m.66 views

Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: Potential XSS in jQuery CVE-2019-11358. An account can be logged out without using a token CSRF CVE-2019-12466. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them CVE-2019-12467. Directly...

9.8CVSS1AI score0.87218EPSS
Exploits4References4
CVE
CVE
added 2019/07/10 2:58 p.m.94 views

CVE-2019-12468

CVE-2019-12468 affects MediaWiki 1.27.0–1.32.1. The issue is an Incorrect Access Control vulnerability where directly POSTing to Special:ChangeEmail bypasses re-authentication, enabling potential account takeover. Connected advisories confirm the flaw and describe remediation in vendor packages: ...

9.8CVSS7.5AI score0.03427EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2019/07/10 2:58 p.m.35 views

CVE-2019-12468

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover...

9.8CVSS9.5AI score0.03427EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/06/13 12:0 a.m.79 views

Security fix for the ALT Linux 9 package mediawiki version 1.32.2-alt1

1.32.2-alt1 built June 13, 2019 Vitaly Lipatov in task 231690 June 6, 2019 Vitaly Lipatov - new version 1.32.2 with rpmrb script - CVE-2019-12468, CVE-2019-12473, CVE-2019-12471 - CVE-2019-12472, CVE-2019-12474, CVE-2019-12467 - CVE-2019-12466, CVE-2019-12469, CVE-2019-12470 - CVE-2019-11358...

7.5CVSS6.8AI score0.87218EPSS
Exploits4
Debian
Debian
added 2019/06/11 10:27 p.m.170 views

[SECURITY] [DSA 4460-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4460-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 12, 2019 https://www.debian.org/security/faq -...

9.8CVSS8.2AI score0.87218EPSS
Exploits4
Rows per page
Query Builder