15 matches found
EUVD-2018-13827
Malware in sbrugna...
EUVD-2025-19901
Malicious code in bioql PyPI...
CVE-2025-53501
The CVE-2025-53501 issue affects the Mediawiki Scribunto Extension (Wikimedia Foundation). The root cause is improper access control that allows accessing functionality not properly constrained by authorization. Affected versions include Scribunto 1.39.x before 1.39.12, 1.42.x before 1.42.7, and ...
StarCitizenTools Mediawiki Extensions ShortDescription 跨站脚本漏洞
StarCitizenTools Mediawiki Extensions ShortDescription is a StarCitizenTools open source extension with wiki projects. A cross-site scripting vulnerability exists in StarCitizenTools Mediawiki Extensions ShortDescription version 4.0.0, which stems from a short description not being cleaned up...
CVE-2025-49579 Citizen allows stored XSS in menu heading message
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...
CVE-2018-25065
A vulnerability was found in Wikimedia mediawiki-extensions-I18nTags and classified as problematic. This issue affects some unknown processing of the file I18nTagsbody.php of the component Unlike Parser. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...
Security fix for the ALT Linux 9 package mediawiki-extensions-Widgets version 1.3.0-alt1git
1.3.0-alt1git built June 30, 2021 Vitaly Lipatov in task 274917 June 27, 2021 Vitaly Lipatov - new version 1.3.0 with rpmgs script - CVE-2020-9382, CVE-2020-35625...
[SECURITY] [DSA 2891-2] mediawiki regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-2891-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2891-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2891-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 30, 2014 http://www.debian.org/security/faq -...
DSA-2891-1 mediawiki - security update
Bulletin has no description...
Debian: Security Advisory (DSA-2891-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-2596-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 2596-1 (mediawiki-extensions - cross-site scripting)
Thorsten Glaser discovered that the RSSReader extension for MediaWiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the MediaWiki pages. OpenVAS Vulnerability Test $Id: deb25961.nasl 8972 2018-02-28...
Debian DSA-2596-1 : mediawiki-extensions - XSS
Thorsten Glaser discovered that the RSSReader extension for MediaWiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the MediaWiki pages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[SECURITY] [DSA 2596-1] mediawiki-extensions security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2596-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire December 30, 2012 http://www.debian.org/security/faq -...