Vulnerabilities > Mediawiki > Mediawiki > 1.35.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-30 | CVE-2023-37302 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. | 6.1 |
| 2023-06-30 | CVE-2023-37303 | Unspecified vulnerability in Mediawiki An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. | 9.8 |
| 2023-06-30 | CVE-2023-37304 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. | 5.4 |
| 2023-06-30 | CVE-2023-37305 | Unspecified vulnerability in Mediawiki An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. | 5.3 |
| 2023-06-29 | CVE-2023-37251 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the GoogleAnalyticsMetrics extension for MediaWiki through 1.39.3. | 6.1 |
| 2023-06-29 | CVE-2023-37254 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. | 6.1 |
| 2023-06-29 | CVE-2023-37255 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. | 6.1 |
| 2023-06-29 | CVE-2023-37256 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. | 6.1 |
| 2023-01-11 | CVE-2023-22945 | Incorrect Authorization vulnerability in multiple products In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties. | 4.3 |
| 2022-07-02 | CVE-2022-34912 | An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. | 6.1 |