wikimedia/mediawiki

GitHub

github.com

www.mediawiki.org

Releases490

Frequency2 weeks 2 days

Last Release 2 months ago

Stars5.08K

🌻 The collaborative editing software that runs Wikipedia. Mirror from https://gerrit.wikimedia.org/g/mediawiki/core. See https://mediawiki.org/wiki/Developer_access for contributing.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-41800 ↗	Oct 11, 2021Monday, 11 October 2021, 08:15	5.3 MEDIUM	5 MEDIUM
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.
CVE-2015-6727 ↗	Sep 1, 2015Tuesday, 1 September 2015, 14:59	—	5 MEDIUM
The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.
CVE-2013-7444 ↗	Sep 1, 2015Tuesday, 1 September 2015, 14:59	—	5 MEDIUM
The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.
CVE-2014-2853 ↗	Apr 29, 2014Tuesday, 29 April 2014, 18:55	—	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action.