MediaWiki < 1.35.0 Multiple Vulnerabilities

According to its self-reported version number, the instance of MediaWiki hosted on the remote web server is prior to 1.35. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in the default Cologne Blue skin in the qbfind paramter inside CologneBlueTemplate.php leading to...

MediaWiki Open Redirect vulnerability

resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.34.0-rc.0 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page...

MediaWiki Input Validation Error Vulnerability (CNVD-2020-36523)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. An input validation error vulnerability exists in the...

PT-2020-12450 · Wikimedia +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35 MediaWiki versions prior to 1.34.0-rc.0 Description: The issue allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. This is achieved by exploiting the...