Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3508

Malicious code in bioql PyPI...

5.3CVSS5.8AI score0.01291EPSS
Exploits0References12
OSV
OSV
added 2022/05/24 5:29 p.m.6 views

GHSA-C4RJ-WRMQ-52RJ MediaWiki Special:UserRights exposes the existence of hidden users

In MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, Special:UserRights exposes the existence of hidden users...

5.3CVSS6.2AI score0.01291EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/05/24 5:29 p.m.24 views

MediaWiki Special:UserRights exposes the existence of hidden users

In MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, Special:UserRights exposes the existence of hidden users...

5.3CVSS6.3AI score0.01291EPSS
Exploits0References9Affected Software1
Veracode
Veracode
added 2020/12/19 1:34 a.m.24 views

Cross-site Scripting (XSS)

mediawiki is vulnerable to cross-site scripting XSS. The vulnerability exists when a user visits Special:UserRights and does not have rights to change all userrights, and the table on the left side has unchangeable groups in it...

7.5CVSS1.3AI score0.01573EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2020/12/18 5:9 p.m.30 views

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

7.5CVSS0.8AI score0.01573EPSS
Exploits0References3
NVD
NVD
added 2020/12/18 8:15 a.m.19 views

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

7.5CVSS7.2AI score0.01573EPSS
Exploits0References4
OSV
OSV
added 2020/12/18 8:15 a.m.23 views

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

7.5CVSS7.2AI score
Exploits0References4
Prion
Prion
added 2020/12/18 8:15 a.m.20 views

Design/Logic Flaw

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

5CVSS7.1AI score0.01573EPSS
Exploits0References4Affected Software3
OSV
OSV
added 2020/09/27 9:15 p.m.29 views

CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

5.3CVSS6.7AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/09/27 9:15 p.m.24 views

CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

5.3CVSS6.4AI score0.01291EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/09/27 8:44 p.m.23 views

CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

6.2AI score0.01291EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2020/09/27 8:44 p.m.28 views

CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

5.3CVSS5.7AI score0.01291EPSS
Exploits0
Friends Of PHP
Friends Of PHP
added 2020/09/21 4:46 p.m.27 views

Special:UserRights exposes the existence of hidden users

More info at https://phabricator.wikimedia.org/T232568...

5.3CVSS7.2AI score0.01291EPSS
Exploits0Affected Software1
Rows per page
Query Builder