4 matches found
Fedora 8 : mediawiki-1.13.3-41.99.fc8 (2008-11688)
This is a security release of MediaWiki 1.13.3. Some of the security issues affect all versions of MediaWiki except the versions released on Dec. 15th, so all site administrators are encouraged to upgrade. CVEs assigned to the mentioned MediaWiki update: CVE-2008-5249 Cross-site scripting XSS...
CVE-2008-5252
Cross-site request forgery CSRF vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors...
CVE-2008-5687
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/...
CVE-2008-5252
Cross-site request forgery CSRF vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors...