Lucene search
Ubuntu.comUB:CVE-2014-5242HistoryAug 22, 2014 - 12:00 a.m.
CVE-2014-5242
2014-08-2200:00:00
ubuntu.com
ubuntu.com
8
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.8%
Cross-site scripting (XSS) vulnerability in
mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and
1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script
or HTML via vectors involving the multipageimagenavbox class in conjunction
with an action=raw value.
Notes
| Author | Note |
|---|---|
| seth-arnold | Introduced in 1.22, thus none of our packages are affected |
Related
cve
cve
CVE-2014-5242
2014-08-22 17:55:00
debiancve
debiancve
CVE-2014-5242
2014-08-22 17:55:00
prion
prion
Cross site scripting
2014-08-22 17:55:00
nessus
nessus
Fedora 19 : mediawiki-1.23.2-1.fc19 (2014-9548)
2014-08-27 00:00:00
Fedora 20 : mediawiki-1.23.2-1.fc20 (2014-9583)
2014-08-27 00:00:00
MediaWiki < 1.19.18 / 1.22.9 / 1.23.2 Multiple Vulnerabilities
2014-08-13 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0309)
2022-01-28 00:00:00
Fedora Update for mediawiki FEDORA-2014-9583
2014-08-27 00:00:00
Fedora Update for mediawiki FEDORA-2014-9548
2014-08-27 00:00:00
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2014-08-06 00:08:48
fedora
fedora
[SECURITY] Fedora 19 Update: mediawiki-1.23.2-1.fc19
2014-08-27 01:33:58
[SECURITY] Fedora 20 Update: mediawiki-1.23.2-1.fc20
2014-08-27 01:34:20
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2015-02-07 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.8%
Related for UB:CVE-2014-5242