MediaWiki 1.40.2

CPE Details

MediaWiki 1.40.2
1.40.2
2024-01-18
15h30 +00:00
2024-01-18
15h30 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:mediawiki:mediawiki:1.40.2:*:*:*:*:*:*:*

Informations

Vendor

mediawiki

Product

mediawiki

Version

1.40.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-40596 2024-07-06 00h00 +00:00 An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. (TimelineService does not support properly suppressing.)
4.3
Medium
CVE-2024-40598 2024-07-06 00h00 +00:00 An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)
4.3
Medium
CVE-2024-40599 2024-07-06 00h00 +00:00 An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
4.8
Medium
CVE-2024-40602 2024-07-06 00h00 +00:00 An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
6.1
Medium
CVE-2024-40603 2024-07-06 00h00 +00:00 An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request.
4.3
Medium
CVE-2024-40604 2024-07-06 00h00 +00:00 An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. There is Stored XSS via MediaWiki:Nimbus-sidebar menu and submenu entries.
4.8
Medium
CVE-2024-40605 2024-07-06 00h00 +00:00 An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
4.8
Medium
CVE-2024-40600 2024-07-05 22h00 +00:00 An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
6.1
Medium
CVE-2024-40601 2024-07-05 22h00 +00:00 An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules.
6.5
Medium