28 matches found
CVE-2020-35474
In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML...
CVE-2020-35474
In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML...
UBUNTU-CVE-2013-6472
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the 1 log API, 2 enhanced RecentChanges, and 3 user watchlists...
Design/Logic Flaw
The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote attackers to obtain sensitive information revision-deleted IPs via the Recent Changes page...
CVE-2013-4569
The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote attackers to obtain sensitive information revision-deleted IPs via the Recent Changes page...
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further...
LabWiki 1.1 Cross Site Scripting / Shell Upload
------------------------------------------------------------------------ LabWiki alert'muuratsalo'&help=true&page=Whatiswiki http://localhost/LabWiki/recentchanges.php?nothing=nothing&pageno="alert'muuratsalo'...
CVE-2006-1196
Multiple cross-site scripting XSS vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 from and 2 help parameters to a index.php; 3 action, 4 page, 5 debug, 6 help, 7 username, or 8 password parameters to b login.php; the 7 help parameter to c...