EUVD-2021-22759

Malware in sbrugna...

BIT-MEDIAWIKI-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

MediaWiki cross-site scripting vulnerability (CNVD-2020-74053)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. MediaWiki before 1.35.1 suffers from a cross-site scripting vulnerability tha...

MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

Cross-site Scripting (XSS)

mediawiki is vulnerable to cross-site scripting XSS. The vulnerability exists when a user visits Special:UserRights and does not have rights to change all userrights, and the table on the left side has unchangeable groups in it...

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

Design/Logic Flaw

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

CVE-2020-35475

CVE-2020-35475 affects MediaWiki before 1.35.1. The vulnerability arises when certain messages, specifically userrights-expiry-current and userrights-expiry-none, contain raw HTML, allowing cross-site scripting (XSS) if a user visits Special:UserRights and cannot change all userrights; the left-h...

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colum...

MediaWiki 跨站脚本漏洞

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. MediaWiki before 1.35.1 suffers from a cross-site scripting vulnerability tha...

Information Disclosure

MediaWiki is vulnerable to information disclosure. pecial:UserRights exposes the existence of hidden users to remote attackers...

CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

PT-2020-5806 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.1 Description: The issue is related to the messages userrights-expiry-current and userrights-expiry-none containing raw HTML, which can lead to XSS when a user visits Special:UserRights without having the righ...

CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

DEBIAN-CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

UBUNTU-CVE-2020-25813

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...

CVE-2020-25813

MediaWiki contains CVE-2020-25813 affecting the Special:UserRights feature. Affected versions are MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The vulnerability involves the Special:UserRights interface exposing the existence of hidden users. The connected documents do not pr...

PT-2020-6810 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.x through 1.31.9 MediaWiki versions 1.32.x through 1.34.x before 1.34.4 Description: The issue is related to errors in permission handling in the Special:UserRights component of MediaWiki. This can allow a remote...