14 matches found
CVE-2019-19709
MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...
CVE-2019-19709
creationtimestamp| type| source ---|---|--- 2024-03-10 09:11:25+00:00| seen| https://t.me/ctinow/204150...
Mageia: Security Advisory (MGASA-2020-0021)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2020-0021 Updated mediawiki packages fix security vulnerability
Updated mediawiki packages fix security vulnerability: MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editi...
Updated mediawiki packages fix security vulnerability
Updated mediawiki packages fix security vulnerability: MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editi...
Debian DSA-4592-1 : mediawiki - security update
It was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could by bypassed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4592. The text itself is...
Debian: Security Advisory (DSA-4592-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4592-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4592-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 26, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4592-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4592-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 26, 2019 https://www.debian.org/security/faq -...
Security fix for the ALT Linux 9 package mediawiki version 1.34.0-alt1
Dec. 22, 2019 Vitaly Lipatov 1.34.0-alt1 - new version 1.34.0 with rpmrb script - CVE-2019-19709...
MediaWiki < 1.31.6 / 1.32.6 / 1.33.2 / 1.34.0 Blacklist Bypass Vulnerability - Linux
MediaWiki is prone to a blacklist bypass vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki";...
MediaWiki < 1.31.6 / 1.32.6 / 1.33.2 / 1.34.0 Blacklist Bypass Vulnerability - Windows
MediaWiki is prone to a blacklist bypass vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki";...
CVE-2019-19709
CVE-2019-19709 affects MediaWiki up to version 1.33.1, where an attacker can bypass the Title_blacklist protection by starting from an arbitrary title, creating a non-resolvable redirect for the target page, and using redirect=1 in the action API during edit. The issue is demonstrated across mult...
CVE-2019-19709
MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...