CVEDB API

Vulnerabilities

Vulnerable Software

Mediawiki: >> Mediawiki >> 1.42.0 Security Vulnerabilities

CVE-2024-40601

An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules.

CVSS Score

6.5

EPSS Score

0.001

Published

2024-07-07

CVE-2024-40602

An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.

CVSS Score

4.8

EPSS Score

0.001

Published

2024-07-07

CVE-2024-40603

An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request.

CVSS Score

4.3

EPSS Score

0.001

Published

2024-07-07

CVE-2024-40604

An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. There is Stored XSS via MediaWiki:Nimbus-sidebar menu and submenu entries.

CVSS Score

4.8

EPSS Score

0.001

Published

2024-07-07

CVE-2024-40605

An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.

CVSS Score

4.8

EPSS Score

0.001

Published

2024-07-07

Page 2

Vulnerabilities

Vulnerable Software

Mediawiki: >> Mediawiki >> 1.42.0 Security Vulnerabilities

Products

Pricing

Contact Us