Vulnerabilities > Mediawiki
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-11 | CVE-2021-41801 | Unspecified vulnerability in Mediawiki The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. | 8.8 |
| 2021-10-06 | CVE-2021-42040 | Infinite Loop vulnerability in Mediawiki An issue was discovered in MediaWiki through 1.36.2. | 5.0 |
| 2021-10-06 | CVE-2021-42041 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in CentralAuth in MediaWiki through 1.36.2. | 4.3 |
| 2021-10-06 | CVE-2021-42042 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2. | 3.5 |
| 2021-10-06 | CVE-2021-42043 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. | 4.3 |
| 2021-10-06 | CVE-2021-42044 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Mentor dashboard in the GrowthExperiments extension in MediaWiki through 1.36.2. | 3.5 |
| 2021-08-12 | CVE-2021-31556 | Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. | 9.8 |
| 2021-07-02 | CVE-2021-35197 | Incorrect Authorization vulnerability in multiple products In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. | 7.5 |
| 2021-07-02 | CVE-2021-36125 | Infinite Loop vulnerability in Mediawiki An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. | 5.0 |
| 2021-07-02 | CVE-2021-36126 | Unspecified vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36. | 7.5 |