Vulnerabilities > Mediawiki > Mediawiki > 1.7.3

DATE CVE VULNERABILITY TITLE RISK
2023-04-15 CVE-2021-30153 Exposure of Resource to Wrong Sphere vulnerability in Mediawiki
An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki CWE-668
4.3
4.3
2023-03-31 CVE-2023-29137 Unspecified vulnerability in Mediawiki
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
4.3
4.3
2023-03-31 CVE-2023-29139 Unspecified vulnerability in Mediawiki
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
6.5
6.5
2023-03-31 CVE-2023-29140 Unspecified vulnerability in Mediawiki
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
5.3
5.3
2023-03-31 CVE-2023-29141 An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3.
network
low complexity
mediawiki fedoraproject
critical
 9.8
9.8
2023-01-20 CVE-2023-22910 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki CWE-79
5.4
5.4
2023-01-20 CVE-2023-22912 Use of Insufficiently Random Values vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki CWE-330
5.3
5.3
2023-01-12 CVE-2022-47927 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
local
low complexity
mediawiki fedoraproject CWE-732
5.5
5.5
2023-01-11 CVE-2023-22945 Incorrect Authorization vulnerability in multiple products
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
network
low complexity
mediawiki fedoraproject CWE-863
4.3
4.3
2023-01-10 CVE-2023-22909 An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki fedoraproject
5.3
5.3