Lucene search
HistoryMay 12, 2014 - 2:55 p.m.
CVE-2013-6454
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.2
Confidence
High
EPSS
0.002
Percentile
53.5%
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via a -o-link attribute.
Affected configurations
Node
mediawikimediawikiMatch1.21
ORmediawikimediawikiMatch1.21.1
ORmediawikimediawikiMatch1.21.2
ORmediawikimediawikiMatch1.21.3
Node
mediawikimediawikiMatch1.22.0
Node
mediawikimediawikiRange≤1.19.9
ORmediawikimediawikiMatch1.19
ORmediawikimediawikiMatch1.19beta_1
ORmediawikimediawikiMatch1.19beta_2
ORmediawikimediawikiMatch1.19.0
ORmediawikimediawikiMatch1.19.1
ORmediawikimediawikiMatch1.19.2
ORmediawikimediawikiMatch1.19.3
ORmediawikimediawikiMatch1.19.4
ORmediawikimediawikiMatch1.19.5
ORmediawikimediawikiMatch1.19.6
ORmediawikimediawikiMatch1.19.7
ORmediawikimediawikiMatch1.19.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mediawiki | mediawiki | 1.21 | cpe:2.3:a:mediawiki:mediawiki:1.21:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.21.1 | cpe:2.3:a:mediawiki:mediawiki:1.21.1:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.21.2 | cpe:2.3:a:mediawiki:mediawiki:1.21.2:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.21.3 | cpe:2.3:a:mediawiki:mediawiki:1.21.3:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.22.0 | cpe:2.3:a:mediawiki:mediawiki:1.22.0:*:*:*:*:*:*:* |
| mediawiki | mediawiki | * | cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19 | cpe:2.3:a:mediawiki:mediawiki:1.19:*:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19 | cpe:2.3:a:mediawiki:mediawiki:1.19:beta_1:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19 | cpe:2.3:a:mediawiki:mediawiki:1.19:beta_2:*:*:*:*:*:* |
| mediawiki | mediawiki | 1.19.0 | cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2013-6454
2014-05-12 14:55:06
cvelist
cvelist
CVE-2013-6454
2014-05-12 14:00:00
ubuntucve
ubuntucve
CVE-2013-6454
2014-05-12 00:00:00
prion
prion
Cross site scripting
2014-05-12 14:55:00
debiancve
debiancve
CVE-2013-6454
2014-05-12 14:55:06
openvas
openvas
MediaWiki Multiple Vulnerabilities -02 (Nov 2015) - Windows
2015-11-26 00:00:00
MediaWiki Multiple Vulnerabilities -02 (Nov 2015) - Linux
2015-11-26 00:00:00
Fedora Update for mediawiki FEDORA-2014-6961
2014-06-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: mediawiki-1.21.5-1.fc20
2014-02-07 03:09:15
[SECURITY] Fedora 19 Update: mediawiki-1.21.5-1.fc19
2014-02-07 03:06:58
[SECURITY] Fedora 19 Update: mediawiki-1.21.11-1.fc19
2014-07-05 14:54:58
debian
debian
[SECURITY] [DSA 2891-1] mediawiki security update
2014-03-30 09:25:39
[SECURITY] [DSA 2891-2] mediawiki regression update
2014-03-31 17:07:21
[SECURITY] [DSA 2891-3] mediawiki regression update
2014-04-04 18:02:59
nessus
nessus
MediaWiki < 1.19.10 / 1.21.4 / 1.22.1 Multiple Vulnerabilities
2014-02-06 00:00:00
Debian DSA-2891-1 : mediawiki, mediawiki-extensions Multiple Vulnerabilities
2014-03-31 00:00:00
GLSA-201502-04 : MediaWiki: Multiple vulnerabilities
2015-02-09 00:00:00
osv
osv
mediawiki - security update
2014-03-30 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2015-02-07 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.2
Confidence
High
EPSS
0.002
Percentile
53.5%
Related for NVD:CVE-2013-6454