MediaWiki 1.37.x < 1.37.1 Multiple Vulnerabilities

According to its self-reported version number, the instance of MediaWiki hosted on the remote web server is prior to 1.35.5, 1.36.x prior to 1.36.3 or 1.37 prior to 1.37.1, It is, therefore, affected by a number of vulnerabilities as follows. - A vulnerability in the date validation functions of...

MediaWiki 1.36.x < 1.36.3 Multiple Vulnerabilities

According to its self-reported version number, the instance of MediaWiki hosted on the remote web server is prior to 1.35.5, 1.36.x prior to 1.36.3 or 1.37 prior to 1.37.1, It is, therefore, affected by a number of vulnerabilities as follows. - A vulnerability in the date validation functions of...

CVE-2021-46150

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Special:CheckUserLog allows CheckUser XSS because of date mishandling, as demonstrated by an XSS payload in MediaWiki:October...

CVE-2021-46150

Vulnerability overview (CVE-2021-46150) : MediaWiki contains a stored XSS issue in the Special:CheckUserLog feature due to date mishandling. Affected versions are MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The output indicates an XSS payload can be executed via Media...

CVE-2021-31553

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

MediaWiki 代码问题漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A code issue vulnerability exists in MediaWiki version 1.35.2 and prior versions, which stems from the...