Max CVSS | 7.5 | Min CVSS | 5.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-9277 | 7.5 |
The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing <cross-d
|
06-01-2015 - 16:46 | 04-01-2015 - 21:59 | |
CVE-2014-9276 | 5.1 |
Cross-site request forgery (CSRF) vulnerability in the Special:ExpandedTemplates page in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgRawHTML is set to true, allows remote attackers to hijack the a
|
06-01-2015 - 14:16 | 04-01-2015 - 21:59 |