Vulnerabilities > Mediawiki

DATE CVE VULNERABILITY TITLE RISK
2021-12-20 CVE-2021-44858 Incorrect Default Permissions vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1.
network
low complexity
mediawiki CWE-276
7.5
2021-12-17 CVE-2021-44857 Missing Authorization vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1.
network
low complexity
mediawiki CWE-862
6.5
2021-12-17 CVE-2021-45038 Information Exposure vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1.
network
low complexity
mediawiki CWE-200
5.3
2021-10-11 CVE-2021-41798 Cross-site Scripting vulnerability in multiple products
MediaWiki before 1.36.2 allows XSS.
network
low complexity
mediawiki fedoraproject CWE-79
6.1
2021-10-11 CVE-2021-41799 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time).
network
low complexity
mediawiki fedoraproject CWE-770
7.5
2021-10-11 CVE-2021-41800 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time).
network
low complexity
mediawiki fedoraproject CWE-770
5.3
2021-10-11 CVE-2021-41801 Unspecified vulnerability in Mediawiki
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control.
network
low complexity
mediawiki
8.8
2021-10-06 CVE-2021-42040 Infinite Loop vulnerability in Mediawiki
An issue was discovered in MediaWiki through 1.36.2.
network
low complexity
mediawiki CWE-835
7.5
2021-10-06 CVE-2021-42041 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in CentralAuth in MediaWiki through 1.36.2.
network
low complexity
mediawiki CWE-79
6.1
2021-10-06 CVE-2021-42042 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2.
network
low complexity
mediawiki CWE-79
4.8