Search for packages
| purl | pkg:composer/mediawiki/core@1.34.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-59gg-vg2h-aaae
Aliases: CVE-2023-29141 GHSA-5vj8-g3qg-4qh6 |
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-7jf3-227f-aaas
Aliases: CVE-2020-25815 GHSA-2f58-vf6g-6p8x |
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text(). |
Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-ah5y-k5sb-aaap
Aliases: CVE-2021-41800 GHSA-c8wv-qwwc-6j73 |
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled. |
Affected by 2 other vulnerabilities. |
|
VCID-aus1-t1px-aaar
Aliases: CVE-2023-45363 GHSA-w5fx-cx7f-6vr9 |
An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-bp3f-tajm-aaaf
Aliases: CVE-2020-25814 GHSA-4vr7-m8p8-434h |
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href ="javascript... that executes when clicked. |
Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-g6qq-mucg-aaar
Aliases: CVE-2020-25812 GHSA-rj9p-8jxj-2ch4 |
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML. |
Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-hgcw-v93v-aaad
Aliases: CVE-2020-25828 GHSA-h8qx-mj6v-2934 |
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input). (When jqueryMsg is loaded, it correctly accepts only whitelisted tags in message contents, and escapes all parameters. Situations with an unloaded jqueryMsg are rare in practice, but can for example occur for Special:SpecialPages on a wiki with no extensions installed.) |
Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-jwgf-c1pr-aaan
Aliases: CVE-2020-15005 GHSA-xpv7-93cm-4mxv |
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control and Vary headers were mishandled. |
Affected by 10 other vulnerabilities. |
|
VCID-k3vw-m137-aaan
Aliases: CVE-2020-10960 GHSA-pfm2-mqwj-ggm5 |
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event handler to any Cascading Style Sheets (CSS) selector. There is no known way to exploit this for cross-site scripting (XSS). |
Affected by 11 other vulnerabilities. |
|
VCID-n724-h9bq-aaak
Aliases: CVE-2020-25813 GHSA-c4rj-wrmq-52rj |
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. |
Affected by 4 other vulnerabilities. |
|
VCID-vvnj-ee7s-aaaq
Aliases: CVE-2023-37302 GHSA-fmrf-p77g-vv5c |
An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute). |
Affected by 1 other vulnerability. |
|
VCID-xb7m-ngk2-aaae
Aliases: CVE-2020-25827 GHSA-rqvj-fc2x-99q6 |
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across many wikis/sites concurrently. |
Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-8ex1-6xse-aaab | MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page. |
CVE-2019-19709
GHSA-pjv5-vv93-p648 |