Lucene search
K

41 matches found

OSV
OSV
added 2024/03/06 10:55 a.m.14 views

BIT-MEDIAWIKI-2024-23179

An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special:GlobalBlock?uselang=x-xss URI, i18n-based XSS can occur via the parentheses message. This affects subtitle links in buildSubtitleLinks...

6.1CVSS5.9AI score0.00429EPSS
Exploits1References3
NVD
NVD
added 2024/01/12 6:15 a.m.38 views

CVE-2024-23179

An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special:GlobalBlock?uselang=x-xss URI, i18n-based XSS can occur via the parentheses message. This affects subtitle links in buildSubtitleLinks...

6.1CVSS6AI score0.00429EPSS
Exploits1References2
Prion
Prion
added 2024/01/12 6:15 a.m.21 views

Design/Logic Flaw

An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special:GlobalBlock?uselang=x-xss URI, i18n-based XSS can occur via the parentheses message. This affects subtitle links in buildSubtitleLinks...

5.8CVSS6.2AI score0.00429EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/01/12 12:0 a.m.15 views

CVE-2024-23179

An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special:GlobalBlock?uselang=x-xss URI, i18n-based XSS can occur via the parentheses message. This affects subtitle links in buildSubtitleLinks...

6.1CVSS6AI score0.00429EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/12 12:0 a.m.35 views

CVE-2024-23179

An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special:GlobalBlock?uselang=x-xss URI, i18n-based XSS can occur via the parentheses message. This affects subtitle links in buildSubtitleLinks...

6.1AI score0.00429EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/01/12 12:0 a.m.6 views

PT-2024-2681 · Unknown +2 · Globalblocking Extension +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.40.2 GlobalBlocking extension versions prior to 1.40.2 Description: The issue is related to the GlobalBlocking extension in MediaWiki, where improper input neutralization during web page creation can lead to...

6.4CVSS6AI score0.00429EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2024/01/12 12:0 a.m.27 views

CVE-2024-23179

An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special:GlobalBlock?uselang=x-xss URI, i18n-based XSS can occur via the parentheses message. This affects subtitle links in buildSubtitleLinks...

6.2AI score0.00429EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.4 views

MediaWiki Security Breach

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki versions prior to 1.40.2, which stems from a cross-site...

6.1CVSS5.8AI score0.00429EPSS
Exploits1References3
CVE
CVE
added 2024/01/12 12:0 a.m.70 views

CVE-2024-23179

CVE-2024-23179 : In MediaWiki, the GlobalBlocking extension pre-1.40.2 is vulnerable to i18n-based XSS via a Special:GlobalBlock?uselang=x-xss URI, potentially affecting subtitle links in buildSubtitleLinks due to improper input handling. Affected software: MediaWiki up to 1.40.2 and GlobalBlocki...

6.1CVSS5.9AI score0.00429EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2020/03/13 12:0 a.m.3 views

MediaWiki Elevation of Privilege Vulnerability

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki 1.34.0 and earlier versions with...

9.8CVSS6.8AI score0.0121EPSS
Exploits0
NVD
NVD
added 2020/03/12 11:15 p.m.20 views

CVE-2020-10534

In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled...

9.8CVSS9.4AI score0.0121EPSS
Exploits0References2
OSV
OSV
added 2020/03/12 11:15 p.m.18 views

CVE-2020-10534

In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled...

9.8CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2020/03/12 11:15 p.m.17 views

Code injection

In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled...

7.5CVSS9.4AI score0.0121EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/03/12 11:15 p.m.3 views

CVE-2020-10534

In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled...

9.8CVSS5.3AI score0.0121EPSS
Exploits0References4
CVE
CVE
added 2020/03/12 10:14 p.m.84 views

CVE-2020-10534

The CVE-2020-10534 issue affects the MediaWiki World: GlobalBlocking extension prior to 2020-03-10 and affected MediaWiki versions up to 1.34.0. The vulnerability arises from IP range evaluation where an IP address that is contained in two ranges, one of which is locally disabled, can allow block...

9.8CVSS9.4AI score0.0121EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 10:14 p.m.27 views

CVE-2020-10534

In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled...

9.5AI score0.0121EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/03/12 12:0 a.m.7 views

PT-2020-12190 · Wikimedia +1 · Mediawiki +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.34.0 GlobalBlocking extension before 2020-03-10 Description: An issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address i...

9.8CVSS5AI score0.01768EPSS
Exploits3References21
UbuntuCve
UbuntuCve
added 2017/10/19 9:29 p.m.18 views

CVE-2012-4380

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors...

7.5CVSS7.1AI score0.01649EPSS
Exploits0References2
CVE
CVE
added 2017/10/19 9:0 p.m.66 views

CVE-2012-4380

CVE-2012-4380 affects MediaWiki before 1.18.5 and 1.19.x before 1.19.2, allowing remote attackers to bypass the GlobalBlocking extension IP address blocking and create an account via unspecified vectors. The connected sources consistently describe the same impact across Windows/Linux OpenVAS entr...

7.5CVSS7.5AI score0.01649EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2017/10/19 9:0 p.m.31 views

CVE-2012-4380

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors...

7.5CVSS7.5AI score0.01649EPSS
Exploits0
Rows per page
Query Builder