14 matches found
EUVD-2022-4790
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-19709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable...
CVE-2019-19709
MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...
GHSA-PJV5-VV93-P648 Possible to circumvent title-blacklist
MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...
MGASA-2020-0021 Updated mediawiki packages fix security vulnerability
Updated mediawiki packages fix security vulnerability: MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editi...
MediaWiki Input Validation Error Vulnerability (CNVD-2020-00008)
MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. An input validation error vulnerability exists in MediaWiki version 1.33.1 an...
Debian DSA-4592-1 : mediawiki - security update
It was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could by bypassed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4592. The text itself is...
Debian: Security Advisory (DSA-4592-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4592-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4592-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 26, 2019 https://www.debian.org/security/faq -...
Authorization Bypass
mediawiki/core is vulnerable to authorization bypass. The rules in Title Blacklist for creating a page can be bypassed when using redirect=1 in the action API when editing that page. This vulnerability can likely be exploited to bypass the permission...
DEBIAN-CVE-2019-19709
MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...
UBUNTU-CVE-2019-19709
MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...
CVE-2019-19709
MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page...
PT-2019-5230 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.33.1 Description: The issue allows attackers to bypass the Title blacklist protection mechanism. This can be achieved by starting with an arbitrary title, establishing a non-resolvable redirect for the associated...