Vulnerabilidades em mediawiki
19 resultadosCVE-2017-0372—Parameters injection in SyntaxHighlight results in multiple vulnerabilitiesEPSS 11.7%CVE-2018-0504—Information disclosure in Special:Redirect/logidEPSS 2.8%CVE-2013-1816—MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a speciEPSS 2.7%CVE-2013-1817—MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive iEPSS 2.5%CVE-2018-13258—Tarball was missing .htaccess filesEPSS 2.1%CVE-2018-0505—BotPasswords can bypass CentralAuth's account lockEPSS 1.9%CVE-2017-0367—Having LocalisationCache directory default to system tmp directory is insecureEPSS 1.9%CVE-2017-0368—Make rawHTML mode not apply to system messagesEPSS 1.5%CVE-2018-0503—$wgRateLimits entry for 'user' overrides 'newbie'EPSS 1.5%CVE-2017-0370—Spam blacklist ineffective on encoded URLs inside file inclusion syntax's link parameterEPSS 1.4%CVE-2012-0046—mediawiki allows deleted text to be exposedEPSS 1.4%CVE-2017-0366—SVG filter evasion using default attribute values in DTD declarationEPSS 1.3%CVE-2017-0369—Sysops can undelete pages, although the page is protected against itEPSS 1.2%CVE-2017-0365—XSS in SearchHighlighter::highlightText() [requires non-default config]EPSS 1.2%CVE-2023-3550HIGHStored XSS leads to privilege escalation in MediaWiki v1.40.0EPSS 1.2%CVE-2017-0363—Special:UserLogin?returnto=interwiki:foo will redirect to external sitesEPSS 1.1%CVE-2017-0364—Special:Search allows redirects to any interwiki linkEPSS 1.1%CVE-2017-0362—"Mark all pages visited" on the watchlist does not require a CSRF tokenEPSS 0.8%CVE-2017-0361—api.log contains passwords in plaintextEPSS 0.5%