6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-41799
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MediaWiki before 1.36.2 allows a denial of service resource consumption because of lengthy query processing time. ApiQueryBacklinks action=query&list=backlinks...
CVE-2021-42049
An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information such as PII. This allows oversighters to whitewash revisions...
CVE-2021-42040
An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop and php-fpm hang within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion...
CVE-2021-42043
The CVE-2021-42043 entry concerns MediaWiki’s Special:MediaSearch in the MediaSearch extension up to version 1.36.2. The bug is caused by improper sanitization of the suggestion text parameter to mediasearch-did-you-mean, enabling injection/execution of HTML and JavaScript via the intitle: search...
CVE-2021-42043
An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text a parameter to mediasearch-did-you-mean was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the intitle: search operator...
PT-2021-23481 · Mediawiki +1 · Mediawiki +2
Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.36.2 GrowthExperiments extension in MediaWiki versions through 1.36.2 Description: An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension. The...