Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Wiki

MediaWiki

MediaWiki is a free software wiki package written in PHP originally for use on Wikipedia. It is now used by several other projects of the non-profit Wikimedia Foundation and by many other wikis. MediaWiki is designed to be run on a large server farm for a website that gets millions of hits per day.

Official Site:

https://www.mediawiki.org/wiki/MediaWiki

Severity Summary:

Critical: 18 High: 63 Medium: 267 Low: 12
Reference
Title
Severity
CVE-2017-8809
MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Critical
CVE-2020-10534
MediaWiki Improper Privilege Management Vulnerability
Critical
CVE-2023-3550
MediaWiki Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2023-37303
MediaWiki Vulnerability
Critical
CVE-2017-0372
MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Critical
CVE-2022-29904
MediaWiki Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2019-12468
MediaWiki Missing Authentication for Critical Function Vulnerability
Critical
CVE-2021-31556
MediaWiki Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Critical
CVE-2022-29906
MediaWiki Incorrect Authorization Vulnerability
Critical
CVE-2022-28205
MediaWiki Vulnerability
Critical
CVE-2022-28206
MediaWiki Vulnerability
Critical
CVE-2023-29141
MediaWiki Vulnerability
Critical
CVE-2022-28209
MediaWiki Vulnerability
Critical
CVE-2015-8626
MediaWiki Credentials Management Errors Vulnerability
Critical
CVE-2015-8009
MediaWiki Credentials Management Errors Vulnerability
Critical
CVE-2021-36128
MediaWiki Improper Authentication Vulnerability
Critical
CVE-2014-9487
MediaWiki Improper Restriction of XML External Entity Reference Vulnerability
Critical
CVE-2021-36126
MediaWiki Other Vulnerability
Critical
CVE-2020-35623
MediaWiki Insufficiently Protected Credentials Vulnerability
High
CVE-2013-4571
MediaWiki Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2020-35625
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability
High
CVE-2020-35626
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2021-31555
MediaWiki Improper Input Validation Vulnerability
High
CVE-2022-28204
MediaWiki Vulnerability
High
CVE-2020-35475
MediaWiki Improper Encoding or Escaping of Output Vulnerability
High
CVE-2016-6331
MediaWiki Improper Access Control Vulnerability
High
CVE-2016-6332
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2022-28203
MediaWiki Release of Invalid Pointer or Reference Vulnerability
High
CVE-2015-6728
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2021-44858
MediaWiki Incorrect Default Permissions Vulnerability
High