- Home
- CVEs with nessus.description==Updated mediawiki packages fix security vulnerabilies :
In MediaWiki before 1.23.7, a missing CSRF check could allow reflected XSS on wikis that allow raw HTML (CVE-2014-9276).
MediaWiki's mangling, in MediaWiki before 1.23.7, could allow an article editor to inject code into API consumers that blindly unserialize PHP representations of the page from the API (CVE-2014-9277).
This update provides MediaWiki 1.23.7, which fixes these security issues and other bugs.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top