CVE-2021-30152
https://notcve.org/view.php?id=CVE-2021-30152
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for. Se detectó un problema en MediaWiki versiones anteriores a 1.31.13 y versiones 1.32.x hasta 1.35.x versiones anteriores a 1.35.2. Cuando es usada la API de MediaWiki para "proteger" una página, un usuario actualmente puede proteger a un nivel más alto del que actualmente posee permisos • https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26UJGHF7LJDOCQN6A3Z4PM7PYRKENJHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2OMSV7B2TCFBOCICN3B4SMQP5HVRJQIT https://phabricator.wikimedia.org/T270713 https://security.gentoo.org/glsa/202107-40 https://www.debian.org/security/2021/dsa-4889 • CWE-269: Improper Privilege Management •
CVE-2021-30154
https://notcve.org/view.php?id=CVE-2021-30154
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On Special:NewFiles, all the mediastatistics-header-* messages are output in HTML unescaped, leading to XSS. Se detectó un problema en MediaWiki versiones anteriores a 1.31.12 y versiones 1.32.x hasta 1.35.x anteriores a 1.35.2. En Special: NewFiles, todos los mensajes mediastatistics-header-* son generados en HTML sin escape, conllevando a una vulnerabilidad de tipo XSS • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26UJGHF7LJDOCQN6A3Z4PM7PYRKENJHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2OMSV7B2TCFBOCICN3B4SMQP5HVRJQIT https://phabricator.wikimedia.org/T278014 https://security.gentoo.org/glsa/202107-40 https://www.debian.org/security/2021/dsa-4889 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-30157
https://notcve.org/view.php?id=CVE-2021-30157
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-filter-* label messages are output in HTML unescaped, leading to XSS. Se detectó un problema en MediaWiki versiones anteriores a 1.31.12 y versiones 1.32.x hasta 1.35.x versiones anteriores a 1.35.2. En las páginas especiales de ChangesList, como Special:RecentChanges y Special:Watchlist, algunos de los mensajes de etiqueta rcfilters-filter-* son generados en HTML sin escape, conllevando a una vulnerabilidad de tipo XSS • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26UJGHF7LJDOCQN6A3Z4PM7PYRKENJHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2OMSV7B2TCFBOCICN3B4SMQP5HVRJQIT https://phabricator.wikimedia.org/T278058 https://security.gentoo.org/glsa/202107-40 https://www.debian.org/security/2021/dsa-4889 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-30158
https://notcve.org/view.php?id=CVE-2021-30158
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Blocked users are unable to use Special:ResetTokens. This has security relevance because a blocked user might have accidentally shared a token, or might know that a token has been compromised, and yet is not able to block any potential future use of the token by an unauthorized party. Se detectó un problema en MediaWiki versiones anteriores a 1.31.12 y versiones 1.32.x hasta 1.35.x anteriores a 1.35.2. Los usuarios bloqueados no pueden usar Special:ResetTokens. • https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26UJGHF7LJDOCQN6A3Z4PM7PYRKENJHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2OMSV7B2TCFBOCICN3B4SMQP5HVRJQIT https://phabricator.wikimedia.org/T277009 https://security.gentoo.org/glsa/202107-40 https://www.debian.org/security/2021/dsa-4889 • CWE-287: Improper Authentication •
CVE-2020-29004
https://notcve.org/view.php?id=CVE-2020-29004
The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack. La API en la extensión Push para MediaWiki versiones hasta 1.35, no requería un token de edición en el archivo ApiPushBase.php y, por lo tanto, facilitó un ataque de tipo CSRF • https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Push/+/625988 https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Push/+/625988/10/src/api/ApiPushBase.php https://phabricator.wikimedia.org/T262724 • CWE-352: Cross-Site Request Forgery (CSRF) •