Search for packages
| purl | pkg:alpm/archlinux/mediawiki@1.28.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9e5y-vgvx-73d6
Aliases: CVE-2017-0372 |
Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-29fv-52ge-mbft | mediawiki: "Mark all pages visited" on the watchlist does not require a CSRF token |
CVE-2017-0362
|
| VCID-e3ad-yw1a-nbbu | mediawiki: Make rawHTML mode not apply to system messages |
CVE-2017-0368
|
| VCID-k6ry-6a7f-eqd7 | mediawiki: Improper URL sanitization in Spam blacklist |
CVE-2017-0370
|
| VCID-nqg1-1fyx-ruf9 | mediawiki: redirects to any interwiki link in special search |
CVE-2017-0364
|
| VCID-sh6q-pur2-gkag | mediawiki: SVG filter evasion using default attribute values in DTD declaration |
CVE-2017-0366
|
| VCID-sz6n-4pbk-d7ay | mediawiki: information disclosure in the api.log |
CVE-2017-0361
|
| VCID-ubbe-qu8g-5fa1 | mediawiki: unsafe use of temporary directory |
CVE-2017-0367
|
| VCID-xqkp-986n-m7f3 | mediawiki: Improper Access Control to protected pages |
CVE-2017-0369
|
| VCID-zmzk-jv3z-tub4 | mediawiki: open redirect to external sites |
CVE-2017-0363
|
| VCID-zz68-pwk2-abew | mediawiki: XSS in SearchHighlighter::highlightText() |
CVE-2017-0365
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T18:27:11.956703+00:00 | Arch Linux Importer | Affected by | VCID-9e5y-vgvx-73d6 | https://security.archlinux.org/AVG-259 | 38.0.0 |
| 2026-04-01T18:26:16.076616+00:00 | Arch Linux Importer | Fixing | VCID-sz6n-4pbk-d7ay | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:16.054148+00:00 | Arch Linux Importer | Fixing | VCID-29fv-52ge-mbft | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:16.029573+00:00 | Arch Linux Importer | Fixing | VCID-zmzk-jv3z-tub4 | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:16.007254+00:00 | Arch Linux Importer | Fixing | VCID-nqg1-1fyx-ruf9 | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:15.985147+00:00 | Arch Linux Importer | Fixing | VCID-zz68-pwk2-abew | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:15.961970+00:00 | Arch Linux Importer | Fixing | VCID-sh6q-pur2-gkag | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:15.939639+00:00 | Arch Linux Importer | Fixing | VCID-ubbe-qu8g-5fa1 | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:15.917432+00:00 | Arch Linux Importer | Fixing | VCID-e3ad-yw1a-nbbu | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:15.894347+00:00 | Arch Linux Importer | Fixing | VCID-xqkp-986n-m7f3 | https://security.archlinux.org/AVG-236 | 38.0.0 |
| 2026-04-01T18:26:15.872097+00:00 | Arch Linux Importer | Fixing | VCID-k6ry-6a7f-eqd7 | https://security.archlinux.org/AVG-236 | 38.0.0 |