Lucene search
K

30 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.7 views

CVE-2023-45374

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams...

5.3CVSS6.9AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.5 views

CVE-2023-45370

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may ...

5.3CVSS6.7AI score0.00324EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-22763

Malware in sbrugna...

4.8CVSS4.8AI score0.00447EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-49662

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00324EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-49666

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00186EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 9:13 p.m.7 views

CVE-2021-36131

An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. Within several special pages, a privileged user could inject arbitrary HTML and JavaScript within various data fields. The attack could easily propagate across many pages for many users...

4.8CVSS5.9AI score0.00447EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/04/09 12:0 a.m.7 views

The vulnerability of the SportsTeams extension of the software for implementing the MediaWiki hypertext environment allows a hacker to compromise the integrity of the protected information.

The vulnerability of the SportsTeams extension of the MediaWiki software, which is used to implement a hypertext environment, relates to the lack of permission checking. Exploiting this vulnerability could allow an attacker operating remotely to compromise the integrity of the protected informati...

5.3CVSS5.9AI score0.00324EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/04/09 12:0 a.m.6 views

The vulnerability of the SportsTeams extension of the software for implementing the MediaWiki hypertext environment allows a hacker to compromise the integrity of the protected information.

The vulnerability of the SportsTeams extension of the software for implementing the hypertext environment MediaWiki is related to the lack of checks for the anti-CSRF token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams. Exploiting this vulnerability could allow a malicious actor t...

5.3CVSS5.9AI score0.00186EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2024/03/06 11:11 a.m.15 views

BIT-MEDIAWIKI-2021-36131

An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. Within several special pages, a privileged user could inject arbitrary HTML and JavaScript within various data fields. The attack could easily propagate across many pages for many users...

4.8CVSS4.8AI score0.00447EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 10:58 a.m.18 views

BIT-MEDIAWIKI-2023-45370

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may ...

5.3CVSS5.4AI score0.00324EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 10:57 a.m.20 views

BIT-MEDIAWIKI-2023-45374

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams...

5.3CVSS5.5AI score0.00186EPSS
Exploits0References3
NVD
NVD
added 2023/10/09 6:15 a.m.29 views

CVE-2023-45374

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams...

5.3CVSS5.3AI score0.00186EPSS
Exploits0References2
NVD
NVD
added 2023/10/09 6:15 a.m.18 views

CVE-2023-45370

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may ...

5.3CVSS5.2AI score0.00324EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/10/09 6:15 a.m.7 views

CVE-2023-45374

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams...

5.3CVSS6AI score0.00186EPSS
Exploits0References3
OSV
OSV
added 2023/10/09 6:15 a.m.19 views

CVE-2023-45370

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may ...

5.3CVSS7AI score
Exploits0References2
Prion
Prion
added 2023/10/09 6:15 a.m.24 views

Cross site request forgery (csrf)

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams...

5CVSS5.4AI score0.00186EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/10/09 6:15 a.m.23 views

Code injection

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may ...

5CVSS5.2AI score0.00324EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/09 12:0 a.m.5 views

MediaWiki Security Breach

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki, which stems from the SportsTeams extension that doe...

5.3CVSS6.8AI score0.00186EPSS
Exploits0References3
CVE
CVE
added 2023/10/09 12:0 a.m.64 views

CVE-2023-45374

The CVE-2023-45374 entry concerns the SportsTeams extension for MediaWiki. Affected versions before 1.35.12, 1.36.x–1.39.x before 1.39.5, and 1.40.x before 1.40.1 do not validate the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams, enabling potential CSRF risk. ...

5.3CVSS5.6AI score0.00186EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/09 12:0 a.m.6 views

MediaWiki Security Breach

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from a security vulnerability that stems from the fact that the SportsTeams...

5.3CVSS6.7AI score0.00324EPSS
Exploits0References3
Rows per page
Query Builder