42 matches found
PT-2025-25347 · Citizen · Citizen
Name of the Vulnerable Software and Affected Versions: Citizen versions prior to 3.3.1 Description: The issue affects the Citizen MediaWiki skin, which integrates extensions into a cohesive experience. It allows users with the editinterface right to insert arbitrary HTML into the DOM by editing...
PT-2025-25348 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: Citizen versions prior to 3.3.1 Description: The issue affects the Citizen MediaWiki skin, where system messages in menu headings using the Menu.mustache template are inserted as raw HTML. This allows users with the editinterface right to...
CVE-2024-25109
ManageWiki is a MediaWiki extension allowing users to manage wikis. Special:ManageWiki does not escape escape interface messages on the columns and help keys on the form descriptor. An attacker may exploit this and would have a cross site scripting attack vector. Exploiting this on-wiki requires...
CVE-2022-28201
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...
CVE-2024-47612 XSS in Special:DataDump when displaying dump status
DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped more specifically, datadump-table-column-queued, datadump-table-column-in-progress, datadump-table-column-completed, datadump-table-column-failed. If these messages are edited which requires t...
CVE-2024-36123
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page MediaWiki:Tagline has its contents used unescaped, so custom HTML including Javascript can be injected by someone with the ability to edit the MediaWiki namespace typically those with the editinterface...
UBUNTU-CVE-2024-36123
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page MediaWiki:Tagline has its contents used unescaped, so custom HTML including Javascript can be injected by someone with the ability to edit the MediaWiki namespace typically those with the editinterface...
CVE-2024-36123 Citizen has a Stored Cross-Site Scripting Vulnerability by editing MediaWiki:Tagline
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page MediaWiki:Tagline has its contents used unescaped, so custom HTML including Javascript can be injected by someone with the ability to edit the MediaWiki namespace typically those with the editinterface...
BIT-MEDIAWIKI-2022-28201
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...
Cross-site Scripting (XSS)
miraheze/manage-wiki is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of the columns and help keys interface messages within the form descriptor. An attacker requires the editinterface right to exploit this vulnerability...
CVE-2024-25109
ManageWiki is a MediaWiki extension allowing users to manage wikis. Special:ManageWiki does not escape escape interface messages on the columns and help keys on the form descriptor. An attacker may exploit this and would have a cross site scripting attack vector. Exploiting this on-wiki requires...
CVE-2024-25107 Cross-Site Scripting in WikiDiscover
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...
CVE-2024-25107 Cross-Site Scripting in WikiDiscover
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...
PT-2024-20752 · Unknown · Wikidiscover
Name of the Vulnerable Software and Affected Versions: WikiDiscover affected versions not specified Description: The issue arises from the use of the Language::date function on Special:WikiDiscover, which utilizes unescaped interface messages to translate month and day names. This results in an X...
DEBIAN-CVE-2022-28201
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...
CVE-2022-28201
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...
CVE-2022-28201
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...
CVE-2022-28201
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...
UBUNTU-CVE-2022-28201
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...
CVE-2022-28201
CVE-2022-28201 affects MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The root cause is an infinite recursion triggered when a user with editinterface permission mishandles a bare local interwiki for the mainpage message. This can lead to a denial of service via recursio...