Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mediawiki Subscribe
Total 282 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41800 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2021-11-28 5.0 MEDIUM 5.3 MEDIUM
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.
CVE-2021-31556 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2021-11-28 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.
CVE-2021-41798 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2021-11-26 4.3 MEDIUM 6.1 MEDIUM
MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.
CVE-2021-41799 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2021-11-26 5.0 MEDIUM 7.5 HIGH
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan.
CVE-2021-35197 3 Debian, Fedoraproject, Mediawiki 3 Debian Linux, Fedora, Mediawiki 2021-11-23 5.0 MEDIUM 7.5 HIGH
In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a "sitewide block" applied, it is able to still "purge" pages through the MediaWiki Action API (which a "sitewide block" should have prevented).
CVE-2021-41801 1 Mediawiki 1 Mediawiki 2021-10-19 6.5 MEDIUM 8.8 HIGH
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog)
CVE-2021-42042 1 Mediawiki 1 Mediawiki 2021-10-14 3.5 LOW 4.8 MEDIUM
An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2. The growthexperiments-edit-config-error-invalid-title MediaWiki message was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript.
CVE-2021-42043 1 Mediawiki 1 Mediawiki 2021-10-14 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text (a parameter to mediasearch-did-you-mean) was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the intitle: search operator within the query.
CVE-2021-42044 1 Mediawiki 1 Mediawiki 2021-10-14 3.5 LOW 4.8 MEDIUM
An issue was discovered in the Mentor dashboard in the GrowthExperiments extension in MediaWiki through 1.36.2. The Growthexperiments-mentor-dashboard-mentee-overview-add-filter-total-edits-headline, growthexperiments-mentor-dashboard-mentee-overview-add-filter-starred-headline, growthexperiments-mentor-dashboard-mentee-overview-info-text, growthexperiments-mentor-dashboard-mentee-overview-info-legend-headline, and growthexperiments-mentor-dashboard-mentee-overview-active-ago MediaWiki messages were not being properly sanitized and allowed for the injection and execution of HTML and JavaScript.
CVE-2021-42041 1 Mediawiki 1 Mediawiki 2021-10-14 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in CentralAuth in MediaWiki through 1.36.2. The rightsnone MediaWiki message was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the setchange log.
CVE-2021-42040 1 Mediawiki 1 Mediawiki 2021-10-14 5.0 MEDIUM 7.5 HIGH
An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop (and php-fpm hang) within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion.
CVE-2008-0460 2 Mediawiki, Microsoft 3 Mediawiki, Mediawiki Botquery Ext, Internet Explorer 2021-07-23 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1.11 through 1.11.0rc1, 1.10 through 1.10.2, 1.9 through 1.9.4, and 1.8; and (2) the BotQuery extension for MediaWiki 1.7 and earlier; when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-1587 2 Mediawiki, Microsoft 2 Mediawiki, Internet Explorer 2021-07-23 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578.
CVE-2011-1578 2 Mediawiki, Microsoft 2 Mediawiki, Internet Explorer 2021-07-23 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character.
CVE-2011-1765 2 Mediawiki, Microsoft 2 Mediawiki, Internet Explorer 2021-07-23 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578 and CVE-2011-1587.
CVE-2020-25869 1 Mediawiki 1 Mediawiki 2021-07-21 5.0 MEDIUM 7.5 HIGH
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.
CVE-2019-16738 1 Mediawiki 1 Mediawiki 2021-07-21 5.0 MEDIUM 5.3 MEDIUM
In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.
CVE-2020-35475 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2021-07-21 5.0 MEDIUM 7.5 HIGH
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. (The right column with the changeable groups is not affected and is escaped correctly.)
CVE-2020-10960 1 Mediawiki 1 Mediawiki 2021-07-21 5.0 MEDIUM 5.3 MEDIUM
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event handler to any Cascading Style Sheets (CSS) selector. There is no known way to exploit this for cross-site scripting (XSS).
CVE-2020-15005 3 Debian, Fedoraproject, Mediawiki 3 Debian Linux, Fedora, Mediawiki 2021-07-21 2.6 LOW 3.1 LOW
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control and Vary headers were mishandled.