Vulnerabilities > Mediawiki > Mediawiki > 1.31.15
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-02 | CVE-2021-36131 | Cross-site Scripting vulnerability in Mediawiki An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. | 3.5 |
| 2021-07-02 | CVE-2021-36132 | Incorrect Authorization vulnerability in Mediawiki An issue was discovered in the FileImporter extension in MediaWiki through 1.36. | 6.0 |
| 2021-04-22 | CVE-2021-31554 | Incorrect Authorization vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 5.5 |
| 2021-04-22 | CVE-2021-31552 | Incorrect Authorization vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 5.5 |
| 2021-04-22 | CVE-2021-31548 | Incorrect Authorization vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 4.0 |
| 2021-04-22 | CVE-2021-31547 | Information Exposure vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 4.0 |
| 2021-04-22 | CVE-2021-31546 | Information Exposure vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 4.0 |
| 2021-01-29 | CVE-2020-29005 | Insufficiently Protected Credentials vulnerability in Mediawiki The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure. | 5.0 |
| 2020-12-21 | CVE-2020-35625 | Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. | 6.5 |
| 2020-12-21 | CVE-2020-35623 | Insufficiently Protected Credentials vulnerability in Mediawiki An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1. | 5.0 |