mediawiki

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description MediaWiki engine
Version 1.35.2-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1791 1.35.1-2 Medium Not affected
AVG-1775 1.35.1-2 1.35.2-1 Medium Fixed
AVG-1371 1.35.0-1 1.35.1-1 Medium Fixed FS#69132
AVG-765 1.31.0-1 1.31.1-1 Medium Fixed
AVG-491 1.28.2-1 1.28.3-1 Critical Fixed
AVG-490 1.29.1-1 1.29.2-1 High Fixed
AVG-259 1.28.1-1 1.28.2-1 Medium Fixed
AVG-236 1.28.0-1 1.28.1-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-30458 AVG-1775 Medium Yes Cross-site scripting
An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x before 0.12.2. An attacker can send crafted wikitext that Utils/WTUtils.php will...
CVE-2021-30159 AVG-1775 Medium Yes Access restriction bypass
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in...
CVE-2021-30158 AVG-1775 Low Yes Incorrect calculation
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Blocked users are unable to use Special:ResetTokens. This has...
CVE-2021-30157 AVG-1775 Medium Yes Cross-site scripting
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and...
CVE-2021-30156 AVG-1791 Medium Yes Information disclosure
An issue was discovered in MediaWiki on the master branch. Special:Contributions can leak that a "hidden" user exists.
CVE-2021-30155 AVG-1775 Medium Yes Access restriction bypass
n issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct...
CVE-2021-30154 AVG-1775 Medium Yes Cross-site scripting
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On Special:NewFiles, all the mediastatistics- header-* messages...
CVE-2021-30153 AVG-1775 Medium Yes Information disclosure
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ApiVisualEditor can leak that a "hidden" user exists.
CVE-2021-30152 AVG-1775 Medium Yes Access restriction bypass
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is...
CVE-2021-27291 AVG-1775 Low Yes Denial of service
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have...
CVE-2021-20270 AVG-1775 Low Yes Denial of service
A security issue was found in python-pygments version 1.5 up to 2.7.3. When the SMLLexer gets fed the string "exception", it loops indefinitely, leading to...
CVE-2020-35480 AVG-1371 Low Yes Information disclosure
An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden...
CVE-2020-35479 AVG-1371 Medium Yes Cross-site scripting
MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the...
CVE-2020-35478 AVG-1371 Medium Yes Cross-site scripting
MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via...
CVE-2020-35477 AVG-1371 Low Yes Information disclosure
MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page,...
CVE-2020-35475 AVG-1371 Medium Yes Cross-site scripting
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits...
CVE-2020-35474 AVG-1371 Low Yes Cross-site scripting
In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of...
CVE-2018-13258 AVG-765 Medium Yes Information disclosure
A security issue has been found in mediawiki < 1.31.1 where the tarball is missing .htaccess files used to protect some directories that shouldn't be web accessible.
CVE-2018-0505 AVG-765 Medium Yes Access restriction bypass
A security issue has been found in mediawiki < 1.31.1 where BotPassword can bypass CentralAuth's account lock.
CVE-2018-0503 AVG-765 Low Yes Access restriction bypass
A security issue has been found in the rate limiting feature of mediawiki < 1.31.1 where, contrary to the documentation, $wgRateLimits entry for 'user'...
CVE-2017-9841 AVG-491 Critical Yes Arbitrary code execution
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning...
CVE-2017-8815 AVG-490 High Yes Cross-site scripting
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules.
CVE-2017-8814 AVG-490 High Yes Cross-site scripting
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule...
CVE-2017-8812 AVG-490 Medium Yes Insufficient validation
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute...
CVE-2017-8811 AVG-490 High Yes Cross-site scripting
The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks.
CVE-2017-8810 AVG-490 Low Yes Information disclosure
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed...
CVE-2017-8809 AVG-490 High Yes Url request injection
api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability.
CVE-2017-8808 AVG-490 High Yes Cross-site scripting
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has XSS when the $wgShowExceptionDetails setting is false and the browser sends...
CVE-2017-0372 AVG-259 Medium Yes Cross-site scripting
The SyntaxHighlight extension in MediaWiki before 1.28.1 does not properly validate the 'start' parameter before passing it to Pygments.
CVE-2017-0370 AVG-236 Medium Yes Insufficient validation
The spam blacklist in MediaWiki before 1.28.1 could be bypassed by encoding URLs inside a file inclusion syntax's link parameter.
CVE-2017-0369 AVG-236 Low Yes Access restriction bypass
In MediaWiki < 1.28.1, a normal sysop that doesn't have the necessary rights to override a page protection can still recreate it by restoring a former...
CVE-2017-0368 AVG-236 Low Yes Cross-site scripting
MediaWiki < 1.28.1 did not properly mark system messages as raw HTML, hence not properly escaping it.
CVE-2017-0367 AVG-236 High No Arbitrary code execution
MediaWiki before 1.28.1 uses the default system temporary directory for the LocalisationCache directory, allowing a local attacker to execute arbitrary code...
CVE-2017-0366 AVG-236 High Yes Cross-site scripting
MediaWiki < 1.28.1 did not properly filter the DTD declaration when a SVG file was uploaded, leading to a persistent XSS.
CVE-2017-0365 AVG-236 Medium Yes Cross-site scripting
SearchHighlighter::removeWiki() uses a regex to remove html from snippets. The regex - /<\/?[^>]+>/ assumes that html is well-formed. As a result when using...
CVE-2017-0364 AVG-236 Medium Yes Open redirect
The Special:Search page in MediaWiki < 1.28.1 has an open redirect issue.
CVE-2017-0363 AVG-236 Medium Yes Open redirect
The Special:UserLogin page in MediaWiki < 1.28.1 has an open redirect issue.
CVE-2017-0362 AVG-236 Medium Yes Cross-site request forgery
MediaWiki before 1.18.1 did not require a CSRF token for the "Mark all pages visited" action on the watchlist.
CVE-2017-0361 AVG-236 High No Information disclosure
MediaWiki before 1.29.2 may leak passwords in plaintext. API parameters may now be marked as "sensitive" to keep their values out of the logs.
CVE-2017-0361 AVG-490 High No Information disclosure
MediaWiki before 1.29.2 may leak passwords in plaintext. API parameters may now be marked as "sensitive" to keep their values out of the logs.

Advisories

Date Advisory Group Severity Type
12 Jan 2021 ASA-202101-22 AVG-1371 Medium multiple issues
25 Sep 2018 ASA-201809-5 AVG-765 Medium multiple issues
15 Nov 2017 ASA-201711-20 AVG-490 High multiple issues
07 Apr 2017 ASA-201704-3 AVG-236 High multiple issues