Search for packages
| purl | pkg:composer/mediawiki/core@1.35.0-rc.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-59gg-vg2h-aaae
Aliases: CVE-2023-29141 GHSA-5vj8-g3qg-4qh6 |
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-7jf3-227f-aaas
Aliases: CVE-2020-25815 GHSA-2f58-vf6g-6p8x |
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text(). |
Affected by 4 other vulnerabilities. |
|
VCID-ah5y-k5sb-aaap
Aliases: CVE-2021-41800 GHSA-c8wv-qwwc-6j73 |
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled. |
Affected by 2 other vulnerabilities. |
|
VCID-aus1-t1px-aaar
Aliases: CVE-2023-45363 GHSA-w5fx-cx7f-6vr9 |
An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-bp3f-tajm-aaaf
Aliases: CVE-2020-25814 GHSA-4vr7-m8p8-434h |
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href ="javascript... that executes when clicked. |
Affected by 4 other vulnerabilities. |
|
VCID-g6qq-mucg-aaar
Aliases: CVE-2020-25812 GHSA-rj9p-8jxj-2ch4 |
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML. |
Affected by 4 other vulnerabilities. |
|
VCID-hgcw-v93v-aaad
Aliases: CVE-2020-25828 GHSA-h8qx-mj6v-2934 |
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input). (When jqueryMsg is loaded, it correctly accepts only whitelisted tags in message contents, and escapes all parameters. Situations with an unloaded jqueryMsg are rare in practice, but can for example occur for Special:SpecialPages on a wiki with no extensions installed.) |
Affected by 4 other vulnerabilities. |
|
VCID-vvnj-ee7s-aaaq
Aliases: CVE-2023-37302 GHSA-fmrf-p77g-vv5c |
An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute). |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||