Vulnerabilities (CVE)

Filtered by vendor Mediawiki Subscribe
Total 386 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-36674 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.
CVE-2023-29141 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 N/A 9.8 CRITICAL
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
CVE-2023-29140 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. Attackers might be able to see edits for which the username has been hidden, because there is no check for rev_deleted.
CVE-2023-29139 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 6.5 MEDIUM
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. When a user with checkuserlog permissions makes many CheckUserLog API requests in some configurations, denial of service can occur (RequestTimeoutException or upstream request timeout).
CVE-2023-29137 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 4.3 MEDIUM
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. The UserImpactHandler for GrowthExperiments inadvertently returns the timezone preference for arbitrary users, which can be used to de-anonymize users.
CVE-2023-22945 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 N/A 4.3 MEDIUM
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
CVE-2023-22912 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. CheckUser TokenManager insecurely uses AES-CTR encryption with a repeated (aka re-used) nonce, allowing an adversary to decrypt.
CVE-2023-22911 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 N/A 6.1 MEDIUM
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. E-Widgets does widget replacement in HTML attributes, which can lead to XSS, because widget authors often do not expect that their widget is executed in an HTML attribute context.
CVE-2023-22910 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 5.4 MEDIUM
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision-* fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs capability.
CVE-2023-22909 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. SpecialMobileHistory allows remote attackers to cause a denial of service because database queries are slow.
CVE-2022-4561 1 Mediawiki 1 Semantic Drilldown 2024-11-21 N/A 3.5 LOW
A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6e18cf740a4548166c1d95f6d3a28541d298a3aa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215964.
CVE-2022-47927 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 N/A 5.5 MEDIUM
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These files include credentials data.
CVE-2022-41767 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. When changes made by an IP address are reassigned to a user (using reassignEdits.php), the changes will still be attributed to the IP address on Special:Contributions when doing a range lookup.
CVE-2022-41766 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 4.3 MEDIUM
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name (when the user has been revision deleted/suppressed).
CVE-2022-41765 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. HTMLUserTextField exposes the existence of hidden users.
CVE-2022-39194 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 4.9 MEDIUM
An issue was discovered in the MediaWiki through 1.38.2. The community configuration pages for the GrowthExperiments extension could cause a site to become unavailable due to insufficient validation when certain actions (including page moves) were performed.
CVE-2022-39193 1 Mediawiki 1 Mediawiki 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various components of this extension can expose information on the performer of edits and logged actions. This information should not allow public viewing: it is supposed to be viewable only by users with suppression rights.
CVE-2022-34912 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped.
CVE-2022-34911 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the username is not escaped: SpecialCreateAccount::successfulAction() calls ::showSuccessPage() with a message as second parameter, and OutputPage::setPageTitle() uses text().
CVE-2022-34750 1 Mediawiki 1 Mediawiki 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the Wikibase and WikibaseLexeme extensions. This is related to Special:NewLexeme and Special:NewProperty.