light bulb

Did You Know?



Reply
Posts: 891
Topics: 178
Kudos: 599
Registered: ‎10-03-2012

MediaWiki Multiple Security Vulnerabilities

MediaWiki is prone to the following security vulnerabilities: 

1. Multiple cross-site scripting vulnerabilities 
2. Multiple information-disclosure vulnerabilities 
3. Multiple security-bypass vulnerabilities 
4. An HTML-injection vulnerability 
5. A denial-of-service vulnerability 
6. A buffer-overflow vulnerability 
7. A cross-site request forgery vulnerability 

An attacker can exploit these issues to perform unauthorized actions, bypass security restrictions, cause denial-of-service conditions, execute attacker-supplied HTML or JavaScript code in the context of the affected site, to steal cookie-based authentication credentials, execute arbitrary code, or gain access to sensitive information. 
Versions prior to MediaWiki 1.19.20, 1.21.4 and 1.22.1 are vulnerable.

Attackers can exploit this issue using a browser or readily available tools.

 

Solution: updates are available. Please see the references or vendor advisory for more information.

 

Full Article

Sr. Community Leader

Beta Tester



WEBROOT® SecureAnywhere™ Internet Security Complete Beta v8.0.8.77