Vulnerabilities > Mediawiki > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-31 | CVE-2023-29137 | Unspecified vulnerability in Mediawiki An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. | 4.3 |
2023-03-31 | CVE-2023-29139 | Unspecified vulnerability in Mediawiki An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. | 6.5 |
2023-03-31 | CVE-2023-29140 | Unspecified vulnerability in Mediawiki An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. | 5.3 |
2023-02-05 | CVE-2017-20175 | Cross-site Scripting vulnerability in Mediawiki Matomo 2.4.0/2.4.1/2.4.2 A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2 on MediaWiki. | 6.1 |
2023-01-20 | CVE-2022-39193 | Information Exposure vulnerability in Mediawiki 1.39.0/1.39.1 An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. | 5.3 |
2023-01-20 | CVE-2023-22910 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. | 5.4 |
2023-01-20 | CVE-2023-22912 | Use of Insufficiently Random Values vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. | 5.3 |
2023-01-17 | CVE-2015-10058 | Cross-site Scripting vulnerability in Mediawiki Wikisource Category Browser A vulnerability, which was classified as problematic, was found in Wikisource Category Browser. | 6.1 |
2023-01-12 | CVE-2022-47927 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. | 5.5 |
2023-01-11 | CVE-2023-22945 | Incorrect Authorization vulnerability in multiple products In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties. | 4.3 |