CVE-2017-0372

Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mediawiki:mediawiki:1.27.1:*:*:*:*:*:*:*
cpe:2.3:a:mediawiki:mediawiki:1.28.0:*:*:*:*:*:*:*
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
cpe:2.3:a:mediawiki:mediawiki:1.27.2:*:*:*:*:*:*:*
cpe:2.3:a:mediawiki:mediawiki:1.27.0:*:*:*:*:*:*:*
cpe:2.3:a:mediawiki:mediawiki:1.28.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Information

Published : 2018-04-13 09:29

Updated : 2018-05-17 08:25


NVD link : CVE-2017-0372

Mitre link : CVE-2017-0372


JSON object : View

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

mediawiki

  • mediawiki