11 matches found

Redos
added 2024/08/28 12:0 a.m., 22 views

ROS-20240827-07

A vulnerability in the UnlinkedWikibase extension for MediaWiki, a software tool for implementing hypertext environments, is related to improper input neutralization during web page creation. Exploiting the vulnerability could allow a remote attacker to perform cross-site scripting (XSS) attacks...

CVSS 9.8, AI score 6.8, EPSS 0.00473
Exploits: 0
BDU FSTEC
added 2024/05/06 12:0 a.m., 6 views

A vulnerability in the WikibaseLexeme extension for MediaWiki, a software tool for implementing hypertext environments, allows an attacker to escalate their privileges.

The vulnerability in the WikibaseLexeme extension for MediaWiki, a software tool for implementing hypertext environments, is related to a lack of access control. Exploiting this vulnerability could allow a malicious actor to escalate their privileges remotely...

CVSS 5.5, AI score 5.4, EPSS 0.00409
Exploits: 0, References: 5, Affected Software: 2
NVD
added 2024/05/05 7:15 p.m., 22 views

CVE-2024-34502

An issue was discovered in WikibaseLexeme in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. Loading Special:MergeLexemes will attempt to make an edit that merges the from-id to the to-id, even if the request was not a POST request, and even if it does not contain an edit...

CVSS 9.8, AI score 7, EPSS 0.00409
Exploits: 0, References: 4
OSV
added 2024/05/05 7:15 p.m., 3 views

CVE-2024-34502

An issue was discovered in WikibaseLexeme in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. Loading Special:MergeLexemes will attempt to make an edit that merges the from-id to the to-id, even if the request was not a POST request, and even if it does not contain an edit...

CVSS 9.8, AI score 7
Exploits: 0, References: 4
Vulnrichment
added 2024/05/05 12:0 a.m., 19 views

CVE-2024-34502

An issue was discovered in WikibaseLexeme in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. Loading Special:MergeLexemes will attempt to make an edit that merges the from-id to the to-id, even if the request was not a POST request, and even if it does not contain an edit...

AI score 6.6, EPSS 0.00409
Exploits: 0, References: 3
Cvelist
added 2024/05/05 12:0 a.m., 28 views

CVE-2024-34502

An issue was discovered in WikibaseLexeme in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. Loading Special:MergeLexemes will attempt to make an edit that merges the from-id to the to-id, even if the request was not a POST request, and even if it does not contain an edit...

AI score 7.2, EPSS 0.00409
Exploits: 0, References: 3
OSV
added 2024/03/06 11:4 a.m., 18 views

BIT-MEDIAWIKI-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

CVSS 7.5, AI score 7.3, EPSS 0.01191
Exploits: 0, References: 4
ATTACKERKB
added 2022/06/28 1:15 p.m., 2 views

CVE-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

CVSS 7.5, AI score 5.9, EPSS 0.01191
Exploits: 0, References: 4
OSV
added 2022/06/28 1:15 p.m., 27 views

CVE-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

CVSS 7.5, AI score 6.6
Exploits: 0, References: 3
Prion
added 2022/06/28 1:15 p.m., 17 views

Code injection

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

CVSS 5, AI score 7.3, EPSS 0.01191
Exploits: 0, References: 3, Affected Software: 1
CVE
added 2022/06/28 12:20 p.m., 59 views

CVE-2022-34750

CVE-2022-34750: PT and vendor docs show a Wikibase/MediaWiki DoS issue due to unbounded merge requests. Affected: Wikibase extension for MediaWiki in versions 1.35.x–1.35.11, 1.36.x–1.39.4, and 1.40.x–1.40.0. Root cause: no rate limiting on item merging. Fixes are available in: Wikibase 1.35.12 ...

CVSS 7.5, AI score 7.2, EPSS 0.01191
Exploits: 0, References: 3, Affected Software: 1