Vulnerabilities > Mediawiki

DATE CVE VULNERABILITY TITLE RISK
2023-06-29 CVE-2023-37255 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki CWE-79
6.1
6.1
2023-06-29 CVE-2023-37256 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in the Cargo extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki CWE-79
6.1
6.1
2023-06-26 CVE-2023-36675 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4.
network
low complexity
mediawiki CWE-79
6.1
6.1
2023-05-29 CVE-2022-41766 Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3.
network
low complexity
mediawiki CWE-732
4.3
4.3
2023-04-15 CVE-2020-29007 Code Injection vulnerability in Mediawiki Score 0.3.0
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable.
network
low complexity
mediawiki CWE-94
critical
 9.8
9.8
2023-04-15 CVE-2021-30153 Exposure of Resource to Wrong Sphere vulnerability in Mediawiki
An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki CWE-668
4.3
4.3
2023-03-31 CVE-2023-29137 Unspecified vulnerability in Mediawiki
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
4.3
4.3
2023-03-31 CVE-2023-29139 Unspecified vulnerability in Mediawiki
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
6.5
6.5
2023-03-31 CVE-2023-29140 Unspecified vulnerability in Mediawiki
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
5.3
5.3
2023-03-31 CVE-2023-29141 An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3.
network
low complexity
mediawiki fedoraproject
critical
 9.8
9.8