Vulnerabilities > Mediawiki

DATE CVE VULNERABILITY TITLE RISK
2021-07-02 CVE-2021-35197 Exposure of Resource TO Wrong Sphere vulnerability in Mediawiki
In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access.
network
low complexity
mediawiki CWE-668
5.0
2021-07-02 CVE-2021-36125 Infinite Loop vulnerability in Mediawiki
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-835
5.0
2021-07-02 CVE-2021-36126 Unspecified vulnerability in Mediawiki
An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36.
network
low complexity
mediawiki
7.5
2021-07-02 CVE-2021-36127 Insecure Storage of Sensitive Information vulnerability in Mediawiki
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-922
4.0
2021-07-02 CVE-2021-36128 Improper Authentication vulnerability in Mediawiki
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-287
7.5
2021-07-02 CVE-2021-36129 Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki
An issue was discovered in the Translate extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-732
4.0
2021-07-02 CVE-2021-36130 Cross-Site Scripting vulnerability in Mediawiki
An XSS issue was discovered in the SocialProfile extension in MediaWiki through 1.36.
network
mediawiki CWE-79
3.5
2021-07-02 CVE-2021-36131 Cross-Site Scripting vulnerability in Mediawiki
An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36.
network
mediawiki CWE-79
3.5
2021-07-02 CVE-2021-36132 Incorrect Authorization vulnerability in Mediawiki
An issue was discovered in the FileImporter extension in MediaWiki through 1.36.
network
mediawiki CWE-863
6.0
2021-04-22 CVE-2021-31550 Cross-Site Scripting vulnerability in Mediawiki
An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2.
network
mediawiki CWE-79
3.5