Mediawiki ≫ Mediawiki

395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

4.3

CVE-2023-45362

Exploit

EPSS 0.39%
Veröffentlicht 03.11.2023 05:15:30
Zuletzt bearbeitet 04.11.2025 18:15:41

An issue was discovered in DifferenceEngine.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. diff-multi-sameuser (aka "X intermediate revisions by the same user not shown") ignores username suppression. ...

5.3

CVE-2023-45370

EPSS 0.09%
Veröffentlicht 09.10.2023 06:15:10
Zuletzt bearbeitet 21.11.2024 08:26:50

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportstea...

7.5

CVE-2023-45371

EPSS 0.18%
Veröffentlicht 09.10.2023 06:15:10
Zuletzt bearbeitet 21.11.2024 08:26:50

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items.

5.3

CVE-2023-45372

EPSS 0.13%
Veröffentlicht 09.10.2023 06:15:10
Zuletzt bearbeitet 21.11.2024 08:26:50

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running (e.g., AbuseFilter).

6.1

CVE-2023-45373

EPSS 0.31%
Veröffentlicht 09.10.2023 06:15:10
Zuletzt bearbeitet 21.11.2024 08:26:50

An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators.

5.3

CVE-2023-45374

EPSS 0.08%
Veröffentlicht 09.10.2023 06:15:10
Zuletzt bearbeitet 21.11.2024 08:26:50

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteT...

4.3

CVE-2023-45369

EPSS 0.11%
Veröffentlicht 09.10.2023 06:15:09
Zuletzt bearbeitet 21.11.2024 08:26:49

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed.

7.5

CVE-2023-45363

Exploit

EPSS 11.03%
Veröffentlicht 09.10.2023 05:15:09
Zuletzt bearbeitet 21.11.2024 08:26:49

An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages re...

5.3

CVE-2023-45364

EPSS 0.12%
Veröffentlicht 09.10.2023 05:15:09
Zuletzt bearbeitet 21.11.2024 08:26:49

An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID bel...

6.5

CVE-2023-45367

Exploit

EPSS 0.14%
Veröffentlicht 09.10.2023 05:15:09
Zuletzt bearbeitet 21.11.2024 08:26:49

An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of...

<1...3456789...40>

Team-orientierte Vulnerability Management Plattform

Features der Plattform

Mediawiki ≫ Mediawiki

CVE-2023-45362

CVE-2023-45370

CVE-2023-45371

CVE-2023-45372

CVE-2023-45373

CVE-2023-45374

CVE-2023-45369

CVE-2023-45363

CVE-2023-45364

CVE-2023-45367