Lucene search
+L

6 matches found

openvas
openvas
added 2021/10/21 12:0 a.m.21 views

Fedora: Security Advisory for mediawiki (FEDORA-2021-eee8b7514f)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.5AI score0.01943EPSS
Exploits2References2
openvas
openvas
added 2021/10/21 12:0 a.m.25 views

Fedora: Security Advisory for mediawiki (FEDORA-2021-56d8173b5e)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.5AI score0.01943EPSS
Exploits2References2
mageia
mageia
added 2021/10/13 7:39 p.m.36 views

Updated mediawiki packages fix security vulnerability

XSS vulnerability in Special:Search. CVE-2021-41798 ApiQueryBacklinks can cause a full table scan. CVE-2021-41799 Fix PoolCounter protection of Special:Contributions. CVE-2021-41800 ReplaceText continues performing actions if the user no longer has the correct permission such as by being blocked...

8.8CVSS2.6AI score0.01735EPSS
Exploits1References4
cve
cve
added 2021/10/11 12:0 a.m.106 views

CVE-2021-41798

MediaWiki before 1.36.2 is affected by CVE-2021-41798. The issue arises because month-related MediaWiki messages are not escaped before being used on the Special:Search results page, enabling cross-site scripting (XSS). The vulnerability is addressed by upgrading to MediaWiki 1.36.2 or newer (and...

6.1CVSS7AI score0.01302EPSS
Exploits1References5Affected Software1
nessus
nessus
added 2021/10/05 12:0 a.m.35 views

FreeBSD : mediawiki -- multiple vulnerabilities (f84ab297-2285-11ec-9e79-08002789875b)

MediaWiki reports : T285515, CVE-2021-41798 SECURITY: XSS vulnerability in Special:Search. T290379, CVE-2021-41799 SECURITY: ApiQueryBacklinks can cause a full table scan. T284419, CVE-2021-41800 SECURITY: fix PoolCounter protection of Special:Contributions. T279090, CVE-2021-41801 SECURITY:...

8.8CVSS6.2AI score0.01735EPSS
Exploits1References6
redhatcve
redhatcve
added 2021/09/30 8:24 p.m.50 views

CVE-2021-41798

Cross-site scripting XSS vulnerability was found in mediawiki. Due to insufficient sanitization of user-supplied data in Special:Search function a remote attacker can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website...

6.1CVSS2.8AI score0.01302EPSS
Exploits1References4
Rows per page
Query Builder