40 matches found
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
The vulnerability of the ProofreadPage extension, a software tool for implementing a hypertext environment like MediaWiki, allows a hacker to carry out cross-site scripting attacks.
The vulnerability of the ProofreadPage extension, a software tool for implementing the MediaWiki hypertext environment, exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attac...
BIT-MEDIAWIKI-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
BIT-MEDIAWIKI-2023-45373
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...
CVE-2023-45373
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...
CVE-2023-45373
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...
Design/Logic Flaw
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...
MediaWiki Cross-Site Scripting Vulnerability
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki, which stems from a cross-site scripting attack by t...
CVE-2023-45373
The CVE-2023-45373 entry concerns the ProofreadPage extension for MediaWiki. It describes an XSS vulnerability that can be triggered via formatNumNoSeparators in affected versions: MediaWiki ProofreadPage extension before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. The...
CVE-2023-45373
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...
PT-2023-8946 · Mediawiki +2 · Mediawiki Proofreadpage Extension +2
Name of the Vulnerable Software and Affected Versions: MediaWiki ProofreadPage extension versions prior to 1.35.12 MediaWiki ProofreadPage extension versions 1.36.x through 1.39.x before 1.39.5 MediaWiki ProofreadPage extension versions 1.40.x before 1.40.1 Description: The issue exists due to a...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
Code injection
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
CVE-2023-37305
CVE-2023-37305 affects the MediaWiki ProofreadPage extension (up to version 1.39.3). The issue lies in includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php , where hidden users can be exposed via public interfaces. This is a confidentiality-related exposure described as p...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
PT-2023-25896 · Mediawiki +1 · Mediawiki Proofreadpage Extension +1
Name of the Vulnerable Software and Affected Versions: MediaWiki ProofreadPage extension versions through 1.39.3 Description: An issue in the ProofreadPage extension for MediaWiki allows hidden users to be exposed via public interfaces, specifically in the includes/Page/PageContentHandler.php and...