CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2024/03/06 11:8 a.m.•15 views

BIT-MEDIAWIKI-2021-45474

In MediaWiki through 1.37, the Special:ImportFile URI aka FileImporter allows XSS, as demonstrated by the clientUrl parameter...

6.1CVSS6.1AI score0.00974EPSS

Exploits0References4

RedhatCVE•added 2021/12/29 5:20 p.m.•26 views

CVE-2021-45474

A flaw was found in mediawiki through 1.37. The Special:ImportFile URI aka FileImporter allows XSS, shown by the clientUrl parameter...

6.1CVSS3.4AI score0.00974EPSS

Exploits0References3

UbuntuCve•added 2021/12/24 2:15 a.m.•24 views

CVE-2021-45474

In MediaWiki through 1.37, the Special:ImportFile URI aka FileImporter allows XSS, as demonstrated by the clientUrl parameter...

6.1CVSS6.1AI score0.00974EPSS

Exploits0References3

Cvelist•added 2021/12/24 1:3 a.m.•20 views

CVE-2021-45474

In MediaWiki through 1.37, the Special:ImportFile URI aka FileImporter allows XSS, as demonstrated by the clientUrl parameter...

6.4AI score0.00974EPSS

Exploits0References3

CVE•added 2021/12/24 1:3 a.m.•71 views

CVE-2021-45474

In MediaWiki up to 1.37, the Special:ImportFile (FileImporter) accepts the clientUrl parameter without proper escaping, allowing cross-site scripting (XSS). The root cause is insufficient sanitization of the clientUrl input in the ImportFile workflow. The CVE entry documents this vulnerability an...

6.1CVSS6.1AI score0.00974EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by