11 matches found
Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2024-2c564b942d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for mediawiki (FEDORA-2024-2c564b942d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3671-1] mediawiki security update
Debian LTS Advisory DLA-3671-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin November 28, 2023 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.31.16-1+deb10u7 CVE ID : CVE-2023-3550 CVE-2023-45362 CVE-2023-45363 Multiple vulnerabilities were found i...
Debian dla-3671 : mediawiki - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3671 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3671-1 [email protected]...
MediaWiki < 1.35.12, 1.36.x < 1.39.5, 1.40.x < 1.40.1 Multiple Vulnerabilities - Linux
MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...
Debian: Security Advisory (DSA-5520-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : mediawiki -- multiple vulnerabilities (e59fed96-60da-11ee-9102-000c29de725b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e59fed96-60da-11ee-9102-000c29de725b advisory. - Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance...
CVE-2023-3550 Stored XSS leads to privilege escalation in MediaWiki v1.40.0
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...
CVE-2023-3550 Stored XSS leads to privilege escalation in MediaWiki v1.40.0
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...
CVE-2023-3550
CVE-2023-3550 affects MediaWiki 1.40.0, where XML upload handling does not validate namespaces. This enables a low-privilege user to craft a malicious XML and, by enticing an administrator to open it, escalate privileges to administrator on the target wiki. Remediation in connected advisories poi...
CVE-2023-3550
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...