CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2013-6453 — HIGH severity vulnerability | Release Alert
CVE-2013-6453
7.5
HIGHCVSS v2
Published
May 12, 2014
Affected
2 projects
Assigned by
Red Hat
Severity scale
010
Description
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.
GitHub🌻 The collaborative editing software that runs Wikipedia. Mirror from https://gerrit.wikimedia.org/g/mediawiki/core. See https://mediawiki.org/wiki/Developer_access for contributing.