purl | pkg:deb/ubuntu/mediawiki@1:1.27.4-1 |
Next non-vulnerable version | 1:1.31.7-1 |
Latest non-vulnerable version | 1:1.31.7-1 |
Risk | 10.0 |
Vulnerability | Aliases | Summary | Fixed by |
---|---|---|---|
VCID-2sfd-2utj-aaah | CVE-2015-8002 | The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a file upload using one-byte chunks. | Affected by 14 other vulnerabilities. |
VCID-2txe-5685-aaar | CVE-2019-12467, GHSA-6vfg-8ppv-h5hg | MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | Affected by 2 other vulnerabilities. |
VCID-2xxs-re4c-aaan | CVE-2015-8628 | The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContributions, (4) Special:MyUploads, and (5) Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted links combined with page view statistics. | Affected by 14 other vulnerabilities. |
VCID-441a-j5w3-aaak | CVE-2015-8623 | The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624. | Affected by 14 other vulnerabilities. |
VCID-4464-txgm-aaaq | CVE-2015-8625 | MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not properly sanitize parameters when calling the cURL library, which allows remote attackers to read arbitrary files via an @ (at sign) character in unspecified POST array parameters. | Affected by 14 other vulnerabilities. |
VCID-475y-ct6v-aaae | CVE-2017-0363 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites. | Affected by 14 other vulnerabilities. |
VCID-4crn-tzya-aaaa | CVE-2015-8624 | The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not perform token comparison in constant time before determining if a debugging message should be logged, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8623. | Affected by 14 other vulnerabilities. |
VCID-4me7-4qh5-aaar | CVE-2015-2939 | Cross-site scripting (XSS) vulnerability in the Scribunto extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a function name, which is not properly handled in a Lua error backtrace. | Affected by 14 other vulnerabilities. |
VCID-4q2b-jwqb-aaas | CVE-2019-12470, GHSA-733q-m38x-q7cc | Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. A suppressed log entry is exposed on the RevisionDelete page. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | Affected by 2 other vulnerabilities. |
VCID-52ya-rkxw-aaap | CVE-2015-8626 | The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords shorter than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack. | Affected by 14 other vulnerabilities. |
VCID-6fqp-cx7v-aaad | CVE-2017-0367 | MediaWiki before 1.28.1 / 1.27.2 makes unsafe use of a temporary directory: the LocalisationCache directory defaults to the system tmp directory, which is insecure. | Affected by 14 other vulnerabilities. |
VCID-6t1c-fh8c-aaaf | CVE-2015-8622 | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1, when configured with a relative URL, allows remote authenticated users to inject arbitrary web script or HTML via wikitext, as demonstrated by a wikilink to a page named "javascript:alert('XSS!')". | Affected by 14 other vulnerabilities. |
VCID-6w62-q6j7-aaad | CVE-2013-2032 | MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without hooking both Special:PasswordReset and Special:ChangePassword, which allows remote attackers to bypass the intended restrictions of an extension that only implements one of these blocks. | Affected by 14 other vulnerabilities. |
VCID-7ccj-pqjd-aaak | CVE-2015-8001 | The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file size. | Affected by 14 other vulnerabilities. |
VCID-87hn-2xkg-aaaq | CVE-2013-4302 | (1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ApiMain.php, (5) ApiQueryDeletedrevs.php, (6) ApiTokens.php, and (7) ApiUnblock.php in includes/api/ in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allow remote attackers to obtain CSRF tokens and bypass the cross-site request forgery (CSRF) protection mechanism via a JSONP request to wiki/api.php. | Affected by 14 other vulnerabilities. |
VCID-8ex1-6xse-aaab | CVE-2019-19709, GHSA-pjv5-vv93-p648 | MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page. | Affected by 1 other vulnerability. |
VCID-8kas-zwjt-aaaj | CVE-2015-8003 | MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads. | Affected by 14 other vulnerabilities. |
VCID-9p61-293j-aaae | CVE-2015-2937 | MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service ("quadratic blowup" and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, a different vulnerability than CVE-2015-2942. | Affected by 14 other vulnerabilities. |
VCID-9xdp-s1sy-aaaq | CVE-2018-0504, GHSA-hr8v-f4g2-p66f | MediaWiki before 1.31.1 / 1.30.1 / 1.29.3 / 1.27.5 contains an information disclosure flaw in Special:Redirect/logid. | Affected by 11 other vulnerabilities. |
VCID-aap7-715h-aaab | CVE-2019-12472, GHSA-7mqg-5fgh-xh4r | An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | Affected by 2 other vulnerabilities. |
VCID-azqw-d7r1-aaad | CVE-2018-0503, GHSA-mhfv-9h99-jwg7 | MediaWiki before 1.31.1 / 1.30.1 / 1.29.3 / 1.27.5 contains a flaw where, contrary to the documentation, the $wgRateLimits entry for 'user' overrides the one for 'newbie'. | Affected by 11 other vulnerabilities. |
VCID-b3ku-7nmb-aaan | CVE-2015-2934 | MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 does not properly handle the case where the Zend interpreter's xml_parse function does not expand entities, which allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file. | Affected by 14 other vulnerabilities. |
VCID-bhgn-gct9-aaae | CVE-2019-12466, GHSA-27fw-r78j-h898 | Wikimedia MediaWiki through 1.32.1 allows CSRF. | Affected by 2 other vulnerabilities. |
VCID-bkcd-21y2-aaan | CVE-2015-2932 | Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element. | Affected by 14 other vulnerabilities. |
VCID-bu88-hs5y-aaad | CVE-2015-2938 | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a custom JavaScript file, which is not properly handled when previewing the file. | Affected by 14 other vulnerabilities. |
VCID-c5zz-s9rp-aaah | CVE-2017-0365 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains an XSS vulnerability in SearchHighlighter::highlightText() with non-default configurations. | Affected by 14 other vulnerabilities. |
VCID-esgd-pzqy-aaag | CVE-2017-0366 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw that allows the SVG filter to be evaded using default attribute values in a DTD declaration. | Affected by 14 other vulnerabilities. |
VCID-f9ks-vah3-aaaa | CVE-2019-12474, GHSA-2qrr-c2gh-pr35 | Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | Affected by 2 other vulnerabilities. |
VCID-fa39-92mr-aaaq | CVE-2015-2935 | MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed-case @import in a style element in an SVG file, as demonstrated by "@imporT". | Affected by 14 other vulnerabilities. |
VCID-fgbq-q2ny-aaas | CVE-2015-8004 | MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid change form. | Affected by 14 other vulnerabilities. |
VCID-fhfu-4d98-aaak | CVE-2017-0369 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing sysops to undelete pages even though the page is protected against it. | Affected by 14 other vulnerabilities. |
VCID-fnr5-5thp-aaad | CVE-2017-0362 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where "Mark all pages visited" on the watchlist does not require a CSRF token. | Affected by 14 other vulnerabilities. |
VCID-fwhc-xtwd-aaag | CVE-2019-12469, GHSA-x3fr-w7r5-x7rg | MediaWiki through 1.32.1 has Incorrect Access Control. A suppressed username or log entry is exposed in Special:EditTags. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | Affected by 2 other vulnerabilities. |
VCID-g7za-6jm5-aaas | CVE-2015-6727 | The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text. | Affected by 14 other vulnerabilities. |
VCID-hz1d-kef8-aaaj | CVE-2015-8005 | MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file. | Affected by 14 other vulnerabilities. |
VCID-k3vw-m137-aaan | CVE-2020-10960, GHSA-pfm2-mqwj-ggm5 | In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event handler to any CSS selector. There is no known way to exploit this for cross-site scripting (XSS). | Affected by 0 other vulnerabilities. |
VCID-kcqa-8c1s-aaah | CVE-2015-2933 | Cross-site scripting (XSS) vulnerability in the Html class in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a LanguageConverter substitution string when using a language variant. | Affected by 14 other vulnerabilities. |
VCID-mzup-du1d-aaac | CVE-2015-8627 | MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed. | Affected by 14 other vulnerabilities. |
VCID-pbsc-5dr9-aaan | CVE-2015-2941 | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error message, related to unsafe calls to wddx_serialize_value. | Affected by 14 other vulnerabilities. |
VCID-q2kd-6muk-aaan | CVE-2015-2942 | MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an (1) SVG file or (2) XMP metadata in a PDF file, aka a "billion laughs attack", a different vulnerability than CVE-2015-2937. | Affected by 14 other vulnerabilities. |
VCID-qynw-xq2t-aaap | CVE-2019-12468, GHSA-wrhx-3pxr-6vgg | An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail bypasses re-authentication, allowing potential account takeover. | Affected by 2 other vulnerabilities. |
VCID-qzqa-kqnf-aaak | CVE-2017-0361 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw where api.log might contain passwords in plaintext. | Affected by 14 other vulnerabilities. |
VCID-rpem-hqsq-aaah | CVE-2017-0371 | MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of wiki visitors via a style="background-image: attr(title url);" attack within a DIV element that has an attacker-controlled URL in the title attribute. | Affected by 14 other vulnerabilities. |
VCID-sa8w-pzne-aaas | CVE-2018-0505, GHSA-5c6w-f4w2-2grp | MediaWiki before 1.31.1 / 1.30.1 / 1.29.3 / 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock. | Affected by 11 other vulnerabilities. |
VCID-szc1-38p1-aaak | CVE-2017-0368 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawHTML mode apply to system messages. | Affected by 14 other vulnerabilities. |
VCID-t1zs-6awm-aaae | CVE-2015-2931 | Incomplete blacklist vulnerability in includes/upload/UploadBase.php in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an application/xml MIME type for a nested SVG with a data: URI. | Affected by 14 other vulnerabilities. |
VCID-t4v1-vab8-aaan | CVE-2017-0372 | Parameter injection in the SyntaxHighlight extension of MediaWiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities. | Affected by 14 other vulnerabilities. |
VCID-t8tf-anxv-aaap | CVE-2017-0364 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Special:Search allows redirects to any interwiki link. | Affected by 14 other vulnerabilities. |
VCID-tm36-42qs-aaah | CVE-2019-12471, GHSA-2rm7-xxx8-35jh | Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create that account and perform XSS on users loading the script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | Affected by 2 other vulnerabilities. |
VCID-utd6-z4vj-aaar | CVE-2015-2940 | Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors. | Affected by 14 other vulnerabilities. |
VCID-w362-nw4d-aaad | CVE-2013-2031 | MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in an SVG file, which is then incorrectly interpreted as UTF-8 by Chrome and Firefox. | Affected by 14 other vulnerabilities. |
VCID-xmew-5454-aaae | CVE-2017-0370 | MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the spam blacklist is ineffective on encoded URLs inside the link parameter of the file inclusion syntax. | Affected by 14 other vulnerabilities. |
VCID-y9hz-2s27-aaae | CVE-2015-2936 | MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password. | Affected by 14 other vulnerabilities. |
VCID-zqf1-jg5k-aaap | CVE-2019-12473, GHSA-33xw-x3pr-rvqj | Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | Affected by 2 other vulnerabilities. |
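
The two timing-attack entries above (CVE-2015-8623 and CVE-2015-8624, both in User::matchEditToken) describe the same defect at two call sites: a token comparison that returns as soon as one byte differs. The following Python block is an added illustration and is not MediaWiki's code. It assumes a constructed 16-character hex edit token, and its `work` counter stands in for the response-time difference an attacker would measure over the network; `leaky_equals` models the flawed comparison, `constant_time_equals` the fix, and `recover_via_oracle` shows why the leak matters by rebuilding the token one byte at a time.

```python
"""Early-exit token comparison vs. constant-time comparison (the CVE-2015-8623/8624 pattern).

Added illustration; this is not MediaWiki's User::matchEditToken. The `work`
counter returned by leaky_equals() stands in for the latency difference an
attacker would measure over the network, and the token is generated here.
"""
import hmac
import secrets


def leaky_equals(secret, guess):
    """Byte-by-byte comparison that returns at the first mismatch.

    Returns (equal, work): `work` is how many bytes were examined before the
    function returned. In real code that number is visible as response time.
    """
    work = 0
    if len(secret) != len(guess):
        return False, work
    for a, b in zip(secret, guess):
        work += 1
        if a != b:
            return False, work
    return True, work


def constant_time_equals(secret, guess):
    """Fixed form: hmac.compare_digest() takes time independent of where inputs differ."""
    return hmac.compare_digest(secret, guess)


def recover_via_oracle(oracle, length, alphabet):
    """Recover a secret one byte at a time using only the oracle's work count.

    For each position every alphabet byte is tried; the candidate whose
    comparison did the most work matched one byte further than the rest.
    Padding uses 0x00, which is outside the hex alphabet, so it never
    accidentally matches the secret's next byte. A full match (the last
    position) is recognised by the oracle's equal flag.
    """
    known = bytearray()
    for position in range(length):
        best_byte, best_work = None, -1
        for c in alphabet:
            guess = bytes(known) + bytes([c]) + b"\x00" * (length - position - 1)
            equal, work = oracle(guess)
            if equal:
                return bytes(known) + bytes([c])
            if work > best_work:
                best_byte, best_work = c, work
        known.append(best_byte)
    return bytes(known)


HEX = b"0123456789abcdef"


def demo(length=16):
    """Attack the leaky comparison; returns (recovered == secret, oracle queries used)."""
    secret = secrets.token_hex(length // 2).encode()  # constructed edit token
    calls = 0

    def oracle(guess):
        nonlocal calls
        calls += 1
        return leaky_equals(secret, guess)

    recovered = recover_via_oracle(oracle, length, HEX)
    return recovered == secret, calls  # at most 16 * 16 = 256 queries, not 16**16
```

`demo()` recovers the token in at most 256 oracle calls because each position is attacked independently; against `constant_time_equals` the work count is the same for every candidate and the per-byte signal disappears. Over a real network the attacker needs many samples per candidate to average out jitter, but the structure of the attack is unchanged, which is why every comparison path (including the one taken only to decide whether to log, as in CVE-2015-8624) has to be constant time.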
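
CVE-2015-8627 above is an instance of a general parsing-disagreement problem: an address such as "010.0.0.1" is a different string from "10.0.0.1", yet C-library inet_aton() reads a leading-zero octet as octal and yields 8.0.0.1, so any access decision keyed on the raw string can be satisfied with a spelling the policy author never considered. The Python block below is an added illustration, not MediaWiki's IP class. Its `lenient_parse` reproduces the octal rule so the disagreement is visible, `canonical` shows the fix of rejecting zero-padded octets before any comparison, and the block list and sample addresses are constructed for the demonstration.

```python
"""Zero-padded IPv4 octets vs. string-keyed access control (the CVE-2015-8627 pattern).

Added illustration; this is not MediaWiki's IP class. The lenient parser below
mimics the octal handling of C-library inet_aton(), and the block list and
sample addresses are constructed for the demonstration.
"""
import re

DOTTED_QUAD = re.compile(r"^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$")


def lenient_parse(ip):
    """Parse like inet_aton(): an octet with a leading zero is read as octal.

    So '010.0.0.1' is 8.0.0.1 to a component using this parser, while a plain
    string comparison treats it as different from both '10.0.0.1' and '8.0.0.1'.
    Returns a tuple of four ints; raises ValueError on malformed input.
    """
    m = DOTTED_QUAD.match(ip)
    if not m:
        raise ValueError(f"not a dotted quad: {ip!r}")
    octets = []
    for part in m.groups():
        base = 8 if len(part) > 1 and part.startswith("0") else 10
        value = int(part, base)  # int('09', 8) raises, as inet_aton() rejects '09'
        if value > 255:
            raise ValueError(f"octet out of range in {ip!r}")
        octets.append(value)
    return tuple(octets)


def canonical(ip):
    """Canonical dotted quad: reject leading zeros instead of reinterpreting them.

    Rejecting removes the ambiguity entirely; after this, two components cannot
    disagree about which address the string denotes.
    """
    m = DOTTED_QUAD.match(ip)
    if not m:
        raise ValueError(f"not a dotted quad: {ip!r}")
    octets = []
    for part in m.groups():
        if len(part) > 1 and part.startswith("0"):
            raise ValueError(f"zero-padded octet in {ip!r}")
        value = int(part, 10)
        if value > 255:
            raise ValueError(f"octet out of range in {ip!r}")
        octets.append(value)
    return ".".join(str(o) for o in octets)


# Constructed block list, keyed on the canonical string form.
BLOCKED = {"10.0.0.1"}


def is_blocked_vulnerable(ip):
    """Raw string lookup: '010.0.0.1' is not in the set, so it is not blocked."""
    return ip in BLOCKED


def is_blocked_fixed(ip):
    """Canonicalise first; anything that does not canonicalise fails closed."""
    try:
        return canonical(ip) in BLOCKED
    except ValueError:
        return True
```

An allowlist keyed on raw strings fails in the mirror-image way (an entry for "8.0.0.1" does not admit "010.0.0.1" even though a lenient downstream parser treats them as the same host), so the rule is the same in both directions: canonicalise or reject at the boundary, then compare canonical forms only.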
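
CVE-2015-2937 (quadratic blowup: one long entity referenced many times) and CVE-2015-2942 (billion laughs: nested entity references) above are both about the parser materialising far more text than the uploaded file contains. A cheap pre-parse check can bound that: walk the DOCTYPE internal subset, compute each entity's expanded length with memoisation (so the check itself stays linear even for the exponential shape), and refuse the file if the body would expand beyond a budget. The Python block below is an added illustration and is not MediaWiki's upload validator; it models only internal general entities, and the three documents it builds (a benign SVG, a billion-laughs SVG and a quadratic-blowup document) are constructed for the demonstration.

```python
"""Estimating DTD entity expansion before parsing (the CVE-2015-2937 / CVE-2015-2942 pattern).

Added illustration; this is not MediaWiki's upload validator. The three
documents built at the bottom are constructed for the demonstration: a benign
SVG, a 'billion laughs' SVG and a 'quadratic blowup' document. Only internal
general entities in the DOCTYPE internal subset are modelled; parameter and
external entities are out of scope.
"""
import re

DOCTYPE = re.compile(r"<!DOCTYPE[^\[>]*(?:\[(.*?)\])?\s*>", re.S)
ENTITY_DECL = re.compile(r"""<!ENTITY\s+([^\s%]+)\s+(?:"([^"]*)"|'([^']*)')\s*>""")
ENTITY_REF = re.compile(r"&([^\s;&<]+);")


def split_doctype(doc):
    """Return (internal_subset, body): the DTD text and the document without it."""
    m = DOCTYPE.search(doc)
    if not m:
        return "", doc
    return m.group(1) or "", doc[: m.start()] + doc[m.end():]


def declared_entities(subset):
    """Map entity name -> replacement text for every <!ENTITY name "..."> in the subset."""
    return {name: dq or sq for name, dq, sq in ENTITY_DECL.findall(subset)}


def expanded_length(text, entities, memo, active):
    """Length of `text` once every entity reference in it is recursively expanded.

    Memoising per entity keeps this linear in the size of the DTD even for the
    exponential billion-laughs shape; a parser, by contrast, would materialise
    the whole expansion.
    """
    total, last = 0, 0
    for m in ENTITY_REF.finditer(text):
        total += m.start() - last
        last = m.end()
        name = m.group(1)
        if name not in entities:          # &amp; etc., or undefined: count as one char
            total += 1
            continue
        if name not in memo:
            if name in active:            # &a; -> &b; -> &a; is illegal XML; treat as hostile
                raise ValueError(f"recursive entity {name!r}")
            active.add(name)
            memo[name] = expanded_length(entities[name], entities, memo, active)
            active.discard(name)
        total += memo[name]
    return total + len(text) - last


def estimate_expansion(doc):
    """Characters a parser would have to materialise to expand this document's body."""
    subset, body = split_doctype(doc)
    return expanded_length(body, declared_entities(subset), {}, set())


def within_budget(doc, budget=1_000_000):
    """Admit a document only if its expanded size is at most `budget` characters."""
    try:
        return estimate_expansion(doc) <= budget
    except ValueError:
        return False


# Constructed inputs.
BENIGN_SVG = (
    '<?xml version="1.0"?><!DOCTYPE svg [<!ENTITY ns "http://www.w3.org/2000/svg">]>'
    '<svg xmlns="&ns;"><title>ok &amp; safe</title></svg>'
)


def billion_laughs(depth=9, fanout=10):
    """Nested entities: lol<depth> expands to fanout**depth copies of 'lol'."""
    decls = ['<!ENTITY lol0 "lol">']
    for i in range(1, depth + 1):
        refs = f"&lol{i - 1};" * fanout
        decls.append(f'<!ENTITY lol{i} "{refs}">')
    return f'<!DOCTYPE svg [{"".join(decls)}]><svg>&lol{depth};</svg>'


def quadratic_blowup(entity_len=50_000, refs=100_000):
    """One long entity referenced many times: no nesting, still gigabytes."""
    return f'<!DOCTYPE x [<!ENTITY a "{"a" * entity_len}">]><x>{"&a;" * refs}</x>'
```

The estimate is an upper bound on text the parser would produce, which is exactly the resource the two advisories describe being exhausted; the budget (here 1 MB by assumption) should be set from the largest legitimate upload the site expects. A document that declares no DOCTYPE at all is admitted unchanged, and a recursive entity pair is refused rather than expanded, since well-formed XML never contains one.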
Vulnerability | Summary | Aliases |
---|---|---|
VCID-fva8-36n3-aaar | Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images". | CVE-2015-6730 |
Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
---|---|---|---|---|---|