Vulnerabilities > Mediawiki

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-29	CVE-2022-29903	Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The Private Domains extension for MediaWiki through 1.37.2 (before 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF for editing pages that store the extension's configuration. network low complexity mediawiki CWE-352	4.3
2022-04-29	CVE-2022-29904	SQL Injection vulnerability in Mediawiki The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints. network low complexity mediawiki CWE-89 critical	9.8
2022-04-29	CVE-2022-29905	Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF. network low complexity mediawiki CWE-352	4.3
2022-04-29	CVE-2022-29906	Missing Authorization vulnerability in Mediawiki The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user. network low complexity mediawiki CWE-862 critical	9.8
2022-04-29	CVE-2022-29907	Cross-site Scripting vulnerability in Mediawiki The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages. network low complexity mediawiki CWE-79	6.1
2022-04-21	CVE-2022-29547	Incorrect Default Permissions vulnerability in Mediawiki Createredirect The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the user has permissions to edit the target page. network low complexity mediawiki CWE-276	7.5
2022-03-30	CVE-2022-28205	Unspecified vulnerability in Mediawiki An issue was discovered in MediaWiki through 1.37.1. network low complexity mediawiki critical	9.8
2022-03-30	CVE-2022-28206	Unspecified vulnerability in Mediawiki An issue was discovered in MediaWiki through 1.37.1. network low complexity mediawiki critical	9.8
2022-03-30	CVE-2022-28209	Unspecified vulnerability in Mediawiki An issue was discovered in Mediawiki through 1.37.1. network low complexity mediawiki critical	9.8
2022-03-30	CVE-2022-28202	Cross-site Scripting vulnerability in multiple products An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. network low complexity mediawiki fedoraproject debian CWE-79	6.1

Vulnerabilities > Mediawiki {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mediawiki"}]}

Vulnerabilities > Mediawiki