Vulnerabilities > Mediawiki

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2022-39193 Exposure of Resource to Wrong Sphere vulnerability in Mediawiki 1.39.0/1.39.1
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x.
network
low complexity
mediawiki CWE-668
5.3
2023-01-20 CVE-2023-22910 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki CWE-79
5.4
2023-01-20 CVE-2023-22912 Use of Insufficiently Random Values vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki CWE-330
5.3
2023-01-17 CVE-2015-10058 Cross-site Scripting vulnerability in Mediawiki Wikisource Category Browser
A vulnerability, which was classified as problematic, was found in Wikisource Category Browser.
network
low complexity
mediawiki CWE-79
6.1
2023-01-12 CVE-2022-47927 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
local
low complexity
mediawiki fedoraproject CWE-732
5.5
2023-01-11 CVE-2023-22945 Incorrect Authorization vulnerability in Mediawiki
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
network
low complexity
mediawiki CWE-863
4.3
2023-01-10 CVE-2023-22909 Unspecified vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki
5.3
2023-01-10 CVE-2023-22911 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki CWE-79
6.1
2022-12-26 CVE-2021-44856 Improper Check for Unusual or Exceptional Conditions vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1.
network
low complexity
mediawiki CWE-754
5.3
2022-12-26 CVE-2021-44854 Exposure of Resource to Wrong Sphere vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1.
network
low complexity
mediawiki CWE-668
5.3