CVE-2013-4305

Cross-site scripting XSS vulnerability in contrib/example.php in the SyntaxHighlight GeSHi extension for MediaWiki, possibly as downloaded before September 2013, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

MediaWiki < 1.19.8 / 1.20.7 / 1.21.2 Multiple Vulnerabilities

According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities : - The full installation path is disclosed in an error message when an invalid language is specified in the ResourceLoader. CVE-2013-4301 - Multiple cross-site reque...

Fedora 16 : python-mwlib-0.13.5-1.fc16 (2012-2994)

Update to version 0.13.5, which solves the following issues : It was reported that mwlib suffered from a flaw that could allow a remote attacker to perform a denial of service attack on a mwlib installation by forcing it to parse a specially crafted iferror magic function. This issue has been...