Vulnerabilities > Mediawiki > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-31 CVE-2023-29137 Unspecified vulnerability in Mediawiki
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
4.3
2023-03-31 CVE-2023-29139 Unspecified vulnerability in Mediawiki
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
6.5
2023-03-31 CVE-2023-29140 Unspecified vulnerability in Mediawiki
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
5.3
2023-02-05 CVE-2017-20175 Cross-site Scripting vulnerability in Mediawiki Matomo 2.4.0/2.4.1/2.4.2
A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2 on MediaWiki.
network
low complexity
mediawiki CWE-79
6.1
2023-01-20 CVE-2022-39193 Information Exposure vulnerability in Mediawiki 1.39.0/1.39.1
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x.
network
low complexity
mediawiki CWE-200
5.3
2023-01-20 CVE-2023-22910 Cross-site Scripting vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki CWE-79
5.4
2023-01-20 CVE-2023-22912 Use of Insufficiently Random Values vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki CWE-330
5.3
2023-01-17 CVE-2015-10058 Cross-site Scripting vulnerability in Mediawiki Wikisource Category Browser
A vulnerability, which was classified as problematic, was found in Wikisource Category Browser.
network
low complexity
mediawiki CWE-79
6.1
2023-01-12 CVE-2022-47927 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
local
low complexity
mediawiki fedoraproject CWE-732
5.5
2023-01-11 CVE-2023-22945 Incorrect Authorization vulnerability in multiple products
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
network
low complexity
mediawiki fedoraproject CWE-863
4.3