Vulnerabilities > Mediawiki

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-27	CVE-2020-26120	Cross-site Scripting vulnerability in multiple products XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. network low complexity mediawiki fedoraproject CWE-79	6.1
2020-09-27	CVE-2020-25869	Incorrect Authorization vulnerability in multiple products An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. network low complexity mediawiki fedoraproject CWE-863	7.5
2020-09-27	CVE-2020-25828	Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. network low complexity mediawiki fedoraproject CWE-79	6.1
2020-09-27	CVE-2020-25827	Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. network low complexity mediawiki fedoraproject CWE-307	7.5
2020-09-27	CVE-2020-25815	Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. network low complexity mediawiki fedoraproject CWE-79	6.1
2020-09-27	CVE-2020-25814	Cross-site Scripting vulnerability in multiple products In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. network low complexity mediawiki fedoraproject CWE-79	6.1
2020-09-27	CVE-2020-25813	In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. network low complexity mediawiki fedoraproject	5.3
2020-09-27	CVE-2020-25812	Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki 1.34.x before 1.34.4. network low complexity mediawiki fedoraproject CWE-79	6.1
2020-06-24	CVE-2020-15005	In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. network high complexity mediawiki fedoraproject debian	3.1
2020-06-02	CVE-2020-10959	Open Redirect vulnerability in Mediawiki 1.22.15/1.5 resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. network low complexity mediawiki CWE-601	6.1

Vulnerabilities > Mediawiki {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mediawiki"}]}

Vulnerabilities > Mediawiki