Vulnerabilities > Mediawiki > Mediawiki > 1.35.3

DATE CVE VULNERABILITY TITLE RISK
2021-10-06 CVE-2021-42042 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2.
network
mediawiki CWE-79
3.5
3.5
2021-10-06 CVE-2021-42043 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2.
network
mediawiki CWE-79
4.3
4.3
2021-10-06 CVE-2021-42044 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in the Mentor dashboard in the GrowthExperiments extension in MediaWiki through 1.36.2.
network
mediawiki CWE-79
3.5
3.5
2021-07-02 CVE-2021-36125 Infinite Loop vulnerability in Mediawiki
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-835
5.0
5.0
2021-07-02 CVE-2021-36126 Unspecified vulnerability in Mediawiki
An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36.
network
low complexity
mediawiki
7.5
7.5
2021-07-02 CVE-2021-36127 Insecure Storage of Sensitive Information vulnerability in Mediawiki
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-922
4.0
4.0
2021-07-02 CVE-2021-36128 Improper Handling of Exceptional Conditions vulnerability in Mediawiki
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-755
7.5
7.5
2021-07-02 CVE-2021-36129 Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki
An issue was discovered in the Translate extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-732
4.0
4.0
2021-07-02 CVE-2021-36130 Cross-site Scripting vulnerability in Mediawiki
An XSS issue was discovered in the SocialProfile extension in MediaWiki through 1.36.
network
mediawiki CWE-79
3.5
3.5
2021-07-02 CVE-2021-36131 Cross-site Scripting vulnerability in Mediawiki
An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36.
network
mediawiki CWE-79
3.5
3.5