Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.17 views

Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2024-2c564b942d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.7AI score0.01151EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.32 views

Fedora: Security Advisory for mediawiki (FEDORA-2024-2c564b942d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.7AI score0.01151EPSS
Exploits6References2
Debian
Debian
added 2023/11/28 11:46 a.m.28 views

[SECURITY] [DLA 3671-1] mediawiki security update

Debian LTS Advisory DLA-3671-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin November 28, 2023 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.31.16-1+deb10u7 CVE ID : CVE-2023-3550 CVE-2023-45362 CVE-2023-45363 Multiple vulnerabilities were found i...

9CVSS6.5AI score0.22699EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/11/28 12:0 a.m.31 views

Debian dla-3671 : mediawiki - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3671 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3671-1 [email protected]...

9CVSS6AI score0.22699EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2023/10/18 12:0 a.m.22 views

MediaWiki < 1.35.12, 1.36.x < 1.39.5, 1.40.x < 1.40.1 Multiple Vulnerabilities - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

9CVSS6.1AI score0.22699EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2023/10/11 12:0 a.m.18 views

Debian: Security Advisory (DSA-5520-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.6AI score0.22699EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2023/10/02 12:0 a.m.20 views

FreeBSD : mediawiki -- multiple vulnerabilities (e59fed96-60da-11ee-9102-000c29de725b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e59fed96-60da-11ee-9102-000c29de725b advisory. - Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance...

9CVSS7.3AI score0.01151EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/09/25 3:20 p.m.37 views

CVE-2023-3550 Stored XSS leads to privilege escalation in MediaWiki v1.40.0

Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...

7.3CVSS7.2AI score0.01151EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/09/25 3:20 p.m.19 views

CVE-2023-3550 Stored XSS leads to privilege escalation in MediaWiki v1.40.0

Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...

7.3CVSS6.7AI score0.01151EPSS
Exploits1References5
CVE
CVE
added 2023/09/25 3:20 p.m.119 views

CVE-2023-3550

CVE-2023-3550 affects MediaWiki 1.40.0, where XML upload handling does not validate namespaces. This enables a low-privilege user to craft a malicious XML and, by enticing an administrator to open it, escalate privileges to administrator on the target wiki. Remediation in connected advisories poi...

9CVSS7.2AI score0.01151EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2023/09/25 3:20 p.m.29 views

CVE-2023-3550

Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...

9CVSS7AI score0.01151EPSS
Exploits1
Rows per page
Query Builder