5 matches found
MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 Multiple Vulnerabilities - Windows
MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...
Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: == Security fixes == T292763. CVE-2021-44854 REST API incorrectly publicly caches autocomplete search results from private wikis. T271037, CVE-2021-44856 Title blocked in AbuseFilter can be created via Special:ChangeContentModel. T297322,...
CVE-2021-44857
CVE-2021-44857 affects MediaWiki up to: 1.35.4? (note: listed as 1.35.5, 1.36.x before 1.36.3, 1.37.x before 1.37.1). The issue allows an attacker to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page, even if the user lacks edit rights on that page, app...
Debian DSA-5021-1 : mediawiki - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5021 advisory. Multiple security issues were discovered in MediaWiki, a website engine for collaborative work: Vulnerabilities in the mcrundo and rollback actions may allow...
[SECURITY] [DSA 5021-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5021-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 15, 2021 https://www.debian.org/security/faq -...