- Home
- CVEs with nessus.description==Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work :
- CVE-2017-8808 Cross-site-scripting with non-standard URL escaping and $wgShowExceptionDetails disabled.
- CVE-2017-8809 Reflected file download in API.
- CVE-2017-8810 On private wikis the login form didn't distinguish between login failure due to bad username and bad password.
- CVE-2017-8811 It was possible to mangle HTML via raw message parameter expansion.
- CVE-2017-8812 id attributes in headlines allowed raw '>'.
- CVE-2017-8814 Language converter could be tricked into replacing text inside tags.
- CVE-2017-8815 Unsafe attribute injection via glossary rules in language converter.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top