Information on source package mediawiki

Available versions

ReleaseVersion
stretch1:1.27.7-1+deb9u13
stretch (security)1:1.27.7-1+deb9u11
buster1:1.31.16-1+deb10u8
bullseye1:1.35.13-1+deb11u2
bullseye (security)1:1.35.13-1+deb11u3
bookworm1:1.39.10-1~deb12u1
trixie1:1.39.10-1
sid1:1.39.10-1

Open issues

BugstretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-47913vulnerablevulnerablefixedfixedfixedfixedAn issue was discovered in the AbuseFilter extension for MediaWiki bef ...
CVE-2024-34507vulnerablefixedfixedfixedfixedfixedAn issue was discovered in includes/CommentFormatter/CommentParser.php ...
CVE-2024-34506vulnerablefixedfixedfixedfixedfixedAn issue was discovered in includes/specials/SpecialMovePage.php in Me ...
CVE-2023-51704vulnerablefixedfixedfixedfixedfixedAn issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1. ...
CVE-2023-45364vulnerablefixedfixedfixedfixedfixedAn issue was discovered in includes/page/Article.php in MediaWiki 1.36 ...
CVE-2023-45363vulnerablefixedfixedfixedfixedfixedAn issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, ...
CVE-2023-45362vulnerablefixedfixedfixedfixedfixedAn issue was discovered in DifferenceEngine.php in MediaWiki before 1. ...
CVE-2023-45361vulnerablefixedfixedfixedfixedfixedAn issue was discovered in VectorComponentUserLinks.php in the Vector ...
CVE-2023-45360vulnerablevulnerable (no DSA, ignored)fixedfixedfixedfixedAn issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1. ...
CVE-2023-45359vulnerablefixedfixedfixedfixedfixedAn issue was discovered in the Vector Skin component for MediaWiki bef ...
CVE-2023-36675vulnerablefixedfixedfixedfixedfixedAn issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1. ...
CVE-2023-36674vulnerablefixedfixedfixedfixedfixedAn issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1. ...
CVE-2023-29141vulnerablefixedfixedfixedfixedfixedAn issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1. ...
CVE-2023-3550vulnerablefixedfixedfixedfixedfixedMediawiki v1.40.0 does not validate namespaces used in XML files. The ...
CVE-2022-47927vulnerablefixedfixedfixedfixedfixedAn issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.3 ...

Open unimportant issues

BugstretchbusterbullseyebookwormtrixiesidDescription
CVE-2020-36649vulnerablefixedfixedfixedfixedfixedA vulnerability was found in mholt PapaParse up to 5.1.x. It has been ...

Resolved issues

BugDescription
TEMP-0000000-8B87A6mediawiki issues from 1.26.3, 1.25.6 and 1.23.14
CVE-2022-41767An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x ...
CVE-2022-41766An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x ...
CVE-2022-41765An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x ...
CVE-2022-34912An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1 ...
CVE-2022-34911An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x ...
CVE-2022-31091Guzzle, an extensible PHP HTTP client. `Authorization` and `Cookie` he ...
CVE-2022-31090Guzzle, an extensible PHP HTTP client. `Authorization` headers on requ ...
CVE-2022-31043Guzzle is an open source PHP HTTP client. In affected versions `Author ...
CVE-2022-31042Guzzle is an open source PHP HTTP client. In affected versions the `Co ...
CVE-2022-29248Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 ...
CVE-2022-28204A denial-of-service issue was discovered in MediaWiki 1.37.x before 1. ...
CVE-2022-28203A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1 ...
CVE-2022-28202An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before ...
CVE-2022-28201An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36 ...
CVE-2021-45038An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...
CVE-2021-44858An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...
CVE-2021-44857An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...
CVE-2021-44856An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...
CVE-2021-44855An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...
CVE-2021-44854An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...
CVE-2021-41801The ReplaceText extension through 1.41 for MediaWiki has Incorrect Acc ...
CVE-2021-41800MediaWiki before 1.36.2 allows a denial of service (resource consumpti ...
CVE-2021-41799MediaWiki before 1.36.2 allows a denial of service (resource consumpti ...
CVE-2021-41798MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages a ...
CVE-2021-35197In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and ...
CVE-2021-30458An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x ...
CVE-2021-30159An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...
CVE-2021-30158An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...
CVE-2021-30157An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...
CVE-2021-30156An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...
CVE-2021-30155An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...
CVE-2021-30154An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...
CVE-2021-30153An issue was discovered in the VisualEditor extension in MediaWiki bef ...
CVE-2021-30152An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through ...
CVE-2021-27291In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming ...
CVE-2021-20270An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lea ...
CVE-2020-35480An issue was discovered in MediaWiki before 1.35.1. Missing users (acc ...
CVE-2020-35479MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language ...
CVE-2020-35478MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWik ...
CVE-2020-35477MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries ...
CVE-2020-35475In MediaWiki before 1.35.1, the messages userrights-expiry-current and ...
CVE-2020-35474In MediaWiki before 1.35.1, the combination of Html::rawElement and Me ...
CVE-2020-25828An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through ...
CVE-2020-25827An issue was discovered in the OATHAuth extension in MediaWiki before ...
CVE-2020-25815An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34 ...
CVE-2020-25814In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, X ...
CVE-2020-25813In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, S ...
CVE-2020-25812An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special: ...
CVE-2020-17368Firejail through 0.9.62 mishandles shell metacharacters during use of ...
CVE-2020-17367Firejail through 0.9.62 does not honor the -- end-of-options indicator ...
CVE-2020-15005In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34. ...
CVE-2020-10960In MediaWiki before 1.34.1, users can add various Cascading Style Shee ...
CVE-2020-10959resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 a ...
CVE-2019-19709MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklis ...
CVE-2019-16738In MediaWiki through 1.33.0, Special:Redirect allows information discl ...
CVE-2019-12474Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Pri ...
CVE-2019-12473Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing inv ...
CVE-2019-12472An Incorrect Access Control vulnerability was found in Wikimedia Media ...
CVE-2019-12471Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaSc ...
CVE-2019-12470Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppr ...
CVE-2019-12469MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed user ...
CVE-2019-12468An Incorrect Access Control vulnerability was found in Wikimedia Media ...
CVE-2019-12467MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). ...
CVE-2019-12466Wikimedia MediaWiki through 1.32.1 allows CSRF.
CVE-2019-11358jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other produc ...
CVE-2018-13258Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided ta ...
CVE-2018-0505Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a fla ...
CVE-2018-0504Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an in ...
CVE-2018-0503Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a fla ...
CVE-2017-8815The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28. ...
CVE-2017-8814The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28. ...
CVE-2017-8812MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29. ...
CVE-2017-8811The implementation of raw message parameter expansion in MediaWiki bef ...
CVE-2017-8810MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29. ...
CVE-2017-8809api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x b ...
CVE-2017-8808MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29. ...
CVE-2017-0372Parameters injection in the SyntaxHighlight extension of Mediawiki bef ...
CVE-2017-0371MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.2 ...
CVE-2017-0370Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw were Spam b ...
CVE-2017-0369Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a ...
CVE-2017-0368Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawH ...
CVE-2017-0367Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary d ...
CVE-2017-0366Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to ...
CVE-2017-0365Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS vulnerabilit ...
CVE-2017-0364Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Speci ...
CVE-2017-0363Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:Us ...
CVE-2017-0362Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the " ...
CVE-2017-0361Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information dis ...
CVE-2016-6337MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass ...
CVE-2016-6336MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27 ...
CVE-2016-6335MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27 ...
CVE-2016-6334Cross-site scripting (XSS) vulnerability in the Parser::replaceInterna ...
CVE-2016-6333Cross-site scripting (XSS) vulnerability in the CSS user subpage previ ...
CVE-2016-6332MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27 ...
CVE-2016-6331ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x ...
CVE-2015-8628The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContribution ...
CVE-2015-8627MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, ...
CVE-2015-8626The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x ...
CVE-2015-8625MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, ...
CVE-2015-8624The User::matchEditToken function in includes/User.php in MediaWiki be ...
CVE-2015-8623The User::matchEditToken function in includes/User.php in MediaWiki be ...
CVE-2015-8622Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, ...
CVE-2015-8005MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25 ...
CVE-2015-8004MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25 ...
CVE-2015-8003MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25 ...
CVE-2015-8002The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...
CVE-2015-8001The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...
CVE-2015-6730Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki bef ...
CVE-2015-6729Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki bef ...
CVE-2015-6728The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1. ...
CVE-2015-6727The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.2 ...
CVE-2015-2942MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...
CVE-2015-2941Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, ...
CVE-2015-2940Cross-site request forgery (CSRF) vulnerability in the CheckUser exten ...
CVE-2015-2939Cross-site scripting (XSS) vulnerability in the Scribunto extension fo ...
CVE-2015-2938Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, ...
CVE-2015-2937MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...
CVE-2015-2936MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing ...
CVE-2015-2935MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...
CVE-2015-2934MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...
CVE-2015-2933Cross-site scripting (XSS) vulnerability in the Html class in MediaWik ...
CVE-2015-2932Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x b ...
CVE-2015-2931Incomplete blacklist vulnerability in includes/upload/UploadBase.php i ...
CVE-2014-9507MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, whe ...
CVE-2014-9476MediaWiki 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before ...
CVE-2014-9475Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki bef ...
CVE-2014-9277The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki bef ...
CVE-2014-9276Cross-site request forgery (CSRF) vulnerability in the Special:Expande ...
CVE-2014-7295The (1) Special:Preferences and (2) Special:UserLogin pages in MediaWi ...
CVE-2014-7199Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.19, ...
CVE-2014-5243MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.2 ...
CVE-2014-5242Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagin ...
CVE-2014-5241The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki befo ...
CVE-2014-3966Cross-site scripting (XSS) vulnerability in Special:PasswordReset in M ...
CVE-2014-2853Cross-site scripting (XSS) vulnerability in includes/actions/InfoActio ...
CVE-2014-2665includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.1 ...
CVE-2014-2244Cross-site scripting (XSS) vulnerability in the formatHTML function in ...
CVE-2014-2243includes/User.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x befor ...
CVE-2014-2242includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and ...
CVE-2014-1610MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x befor ...
CVE-2013-7444The Special:Contributions page in MediaWiki before 1.22.0 allows remot ...
CVE-2013-6472MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 ...
CVE-2013-6454Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, ...
CVE-2013-6453MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 ...
CVE-2013-6452Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, ...
CVE-2013-6451Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1. ...
CVE-2013-4572The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before ...
CVE-2013-4568Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki ...
CVE-2013-4567Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki ...
CVE-2013-4303includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.1 ...
CVE-2013-4302(1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ApiM ...
CVE-2013-4301includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x ...
CVE-2013-2114Unrestricted file upload vulnerability in the chunk upload API in Medi ...
CVE-2013-2032MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extens ...
CVE-2013-2031MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attacke ...
CVE-2013-1951A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 ...
CVE-2013-1818maintenance/mwdoc-filter.php in MediaWiki before 1.20.3 allows remote ...
CVE-2013-1817MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in ...
CVE-2013-1816MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attacke ...
CVE-2012-5391Session fixation vulnerability in Special:UserLogin in MediaWiki befor ...
CVE-2012-4885The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x befor ...
CVE-2012-4382MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly pr ...
CVE-2012-4381MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in t ...
CVE-2012-4380MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attack ...
CVE-2012-4379MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a rest ...
CVE-2012-4378Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki befor ...
CVE-2012-4377Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 an ...
CVE-2012-2698Cross-site scripting (XSS) vulnerability in the outputPage function in ...
CVE-2012-1582Cross-site scripting (XSS) vulnerability in the wikitext parser in Med ...
CVE-2012-1581MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak rand ...
CVE-2012-1580Cross-site request forgery (CSRF) vulnerability in Special:Upload in M ...
CVE-2012-1579The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x befor ...
CVE-2012-1578Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWik ...
CVE-2012-0046mediawiki allows deleted text to be exposed
CVE-2011-4361MediaWiki before 1.17.1 does not check for read permission before hand ...
CVE-2011-4360MediaWiki before 1.17.1 allows remote attackers to obtain the page tit ...
CVE-2011-1766includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogi ...
CVE-2011-1765Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, w ...
CVE-2011-1587Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, w ...
CVE-2011-1580The transwiki import functionality in MediaWiki before 1.16.3 does not ...
CVE-2011-1579The checkCss function in includes/Sanitizer.php in the wikitext parser ...
CVE-2011-1578Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, w ...
CVE-2011-0537Multiple directory traversal vulnerabilities in (1) languages/Language ...
CVE-2011-0047Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 al ...
CVE-2011-0003MediaWiki before 1.16.1, when user or site JavaScript or CSS is enable ...
CVE-2010-2789PHP remote file inclusion vulnerability in MediaWikiParserTest.php in ...
CVE-2010-2788Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWi ...
CVE-2010-2787api.php in MediaWiki before 1.15.5 does not prevent use of public cach ...
CVE-2010-1648Cross-site request forgery (CSRF) vulnerability in the login interface ...
CVE-2010-1647Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15 ...
CVE-2010-1190thumb.php in MediaWiki before 1.15.2, when used with access-restrictio ...
CVE-2010-1189MediaWiki before 1.15.2 does not prevent wiki editors from linking to ...
CVE-2010-1150MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not proper ...
CVE-2009-4589Cross-site scripting (XSS) vulnerability in the Special:Block implemen ...
CVE-2009-0737Multiple cross-site scripting (XSS) vulnerabilities in the web-based i ...
CVE-2008-5688MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExce ...
CVE-2008-5687MediaWiki 1.11, and other versions before 1.13.3, does not properly pr ...
CVE-2008-5252Cross-site request forgery (CSRF) vulnerability in the Special:Import ...
CVE-2008-5250Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, 1 ...
CVE-2008-5249Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1 ...
CVE-2008-4408Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, ...
CVE-2008-1318Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remot ...
CVE-2008-0460Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1 ...
CVE-2007-4828Cross-site scripting (XSS) vulnerability in the API pretty-printing mo ...
CVE-2007-1055Cross-site scripting (XSS) vulnerability in the AJAX features in index ...
CVE-2007-1054Cross-site scripting (XSS) vulnerability in the AJAX features in index ...
CVE-2007-0894MediaWiki before 1.9.2 allows remote attackers to obtain sensitive inf ...
CVE-2007-0788Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9 ...
CVE-2007-0177Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWi ...
CVE-2006-2895Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to vers ...
CVE-2006-1498Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...
CVE-2006-0322Unspecified vulnerability the edit comment formatting functionality in ...
CVE-2005-4501MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string" ...
CVE-2005-4031Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows re ...
CVE-2005-3167Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not ...
CVE-2005-3166Unspecified vulnerability in "edit submission handling" for MediaWiki ...
CVE-2005-3165Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki befor ...
CVE-2005-2396Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlie ...
CVE-2005-2215Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x bef ...
CVE-2005-1888Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 all ...
CVE-2005-1245Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, wh ...
CVE-2005-0536Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and ...
CVE-2005-0535Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x bef ...
CVE-2005-0534Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x ...
CVE-2004-2187Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "fi ...
CVE-2004-2186SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers ...
CVE-2004-2185Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 ...
CVE-2004-2152Cross-site scripting (XSS) vulnerability in 'raw' page output mode for ...
CVE-2004-1405MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not ...

Security announcements

DSA / DLADescription
DSA-5785-1mediawiki - security update
DLA-3896-1mediawiki - security update
DLA-3796-1mediawiki - security update
DSA-5651-1mediawiki - security update
DLA-3671-1mediawiki - security update
DSA-5520-1mediawiki - security update
DLA-3540-1mediawiki - security update
DLA-3489-1mediawiki - security update
DSA-5447-1mediawiki - security update
DLA-3148-1mediawiki - security update
ELA-703-1mediawiki - security update
DSA-5246-1mediawiki - security update
DLA-3117-1mediawiki - security update
ELA-674-1mediawiki - security update
DSA-5021-1mediawiki - security update
DLA-2847-1mediawiki - security update
DLA-2779-1mediawiki - security update
DSA-4979-1mediawiki - security update
DLA-2648-2mediawiki - regression update
DLA-2648-1mediawiki - security update
DSA-4889-1mediawiki - security update
DLA-2504-1mediawiki - security update
DSA-4816-1mediawiki - security update
DLA-2379-3mediawiki - regression update
DLA-2379-2mediawiki - regression update
DSA-4767-1mediawiki - security update
DLA-2379-1mediawiki - security update
DSA-4651-1mediawiki - security update
DSA-4592-1mediawiki - security update
DSA-4545-1mediawiki - security update
DSA-4460-1mediawiki - security update
DSA-4301-1mediawiki - security update
DSA-4036-1mediawiki - security update
DSA-3110-1mediawiki - security update
DSA-3100-1mediawiki - security update
DSA-3046-1mediawiki - security update
DSA-3036-1mediawiki - security update
DSA-3011-1mediawiki - security update
DSA-2957-1mediawiki - security update
DSA-2891-1mediawiki - security update
DSA-2753-1mediawiki - cross-site request forgery token disclosure
DSA-2366-1mediawiki - multiple
DSA-2041-1mediawiki - cross-site request forgery
DSA-2022-1mediawiki - several vulnerabilities

Search for package or bug name: Reporting problems