7 matches found
Debian dla-3796 : mediawiki - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3796 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3796-1 [email protected] https://www.debian.org/lts/security/...
BIT-MEDIAWIKI-2023-51704
An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group--member messages can result in XSS on Special:log/rights...
Cross Site Scripting(XSS)
mediawiki:sid is vulnerable to cross site scripting. The vulnerability due to Load Special:log/rights script by using an administrator account. it allows an attacker can change URL ends with =x-xss which leads to XSS...
CVE-2023-51704
A flaw was found in the Special:log/rights page in MediaWiki. Messages related to group memberships group--member within includes/logging/RightsLogFormatter.php are susceptible to cross-site scripting XSS attacks due to inadequate escape handling. This issue could enable an attacker to execute...
Cross site scripting
An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group--member messages can result in XSS on Special:log/rights...
CVE-2023-51704
An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group--member messages can result in XSS on Special:log/rights...
CVE-2023-51704
An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group--member messages can result in XSS on Special:log/rights...