Vulnerabilities > Mediawiki > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2021-46150 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. | 3.5 |
| 2022-01-10 | CVE-2021-46146 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. | 3.5 |
| 2021-10-06 | CVE-2021-42044 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Mentor dashboard in the GrowthExperiments extension in MediaWiki through 1.36.2. | 3.5 |
| 2021-10-06 | CVE-2021-42042 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2. | 3.5 |
| 2021-07-02 | CVE-2021-36131 | Cross-site Scripting vulnerability in Mediawiki An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. | 3.5 |
| 2021-07-02 | CVE-2021-36130 | Cross-site Scripting vulnerability in Mediawiki An XSS issue was discovered in the SocialProfile extension in MediaWiki through 1.36. | 3.5 |
| 2021-04-22 | CVE-2021-31550 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. | 3.5 |
| 2020-11-24 | CVE-2020-29002 | Cross-site Scripting vulnerability in Mediawiki includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator. | 3.5 |
| 2020-11-24 | CVE-2020-29003 | Cross-site Scripting vulnerability in Mediawiki The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll. | 3.5 |
| 2020-10-28 | CVE-2020-27957 | Cross-site Scripting vulnerability in Mediawiki The RandomGameUnit extension for MediaWiki through 1.35 was not properly escaping various title-related data. | 3.5 |