Lucene search
China National Vulnerability DatabaseCNVD-2023-79688HistorySep 27, 2023 - 12:00 a.m.
Mediawiki input validation error vulnerability (CNVD-2023-79688)
2023-09-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
mediawiki
vulnerability
input validation
xml files
administrator
exploit
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. An input validation error vulnerability exists in Mediawiki version v1.40.0 that stems from not validating namespaces used in XML files. An attacker can exploit the vulnerability to become an administrator by sending a malicious link to an instance administrator.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mediawiki mediawiki v | eq | 1.40.0 |
Related
cve
cve
CVE-2023-3550
2023-09-25 16:15:14
prion
prion
Design/Logic Flaw
2023-09-25 16:15:00
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2023-09-01 00:00:00
ubuntucve
ubuntucve
CVE-2023-3550
2023-09-25 00:00:00
osv
osv
CVE-2023-3550
2023-09-25 16:15:14
BIT-mediawiki-2023-3550
2024-03-06 11:01:36
mediawiki - security update
2023-11-28 00:00:00
nvd
nvd
CVE-2023-3550
2023-09-25 16:15:14
debiancve
debiancve
CVE-2023-3550
2023-09-25 16:15:14
redhatcve
redhatcve
CVE-2023-3550
2023-09-26 17:25:20
cvelist
cvelist
CVE-2023-3550 Stored XSS leads to privilege escalation in MediaWiki v1.40.0
2023-09-25 15:20:27
nessus
nessus
FreeBSD : mediawiki -- multiple vulnerabilities (e59fed96-60da-11ee-9102-000c29de725b)
2023-10-02 00:00:00
Debian DLA-3671-1 : mediawiki - LTS security update
2023-11-28 00:00:00
Debian DSA-5520-1 : mediawiki - security update
2023-10-10 00:00:00
veracode
veracode
XML External Entity (XXE) Injection
2023-10-10 18:52:54
openvas
openvas
Debian: Security Advisory (DLA-3671-1)
2023-11-29 00:00:00
debian
debian
[SECURITY] [DLA 3671-1] mediawiki security update
2023-11-28 11:46:19
[SECURITY] [DSA 5520-1] mediawiki security update
2023-10-10 19:25:45
fedora
fedora
[SECURITY] Fedora 40 Update: php-oojs-oojs-ui-0.48.1-1.fc40
2024-05-11 01:32:03
[SECURITY] Fedora 40 Update: php-wikimedia-cdb-3.0.0-1.fc40
2024-05-11 01:32:03
[SECURITY] Fedora 40 Update: php-wikimedia-utfnormal-4.0.0-1.fc40
2024-05-11 01:32:03
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2024-05-01 01:25:14