| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2018-0504 | Information disclosure in Special:Redirect/logid | mediawiki | mediawiki | 中危 | - | 2018-10-04 20:00:00 | Deep Dive |
| CVE-2018-0505 | BotPasswords can bypass CentralAuth's account lock | mediawiki | mediawiki | 中危 | - | 2018-10-04 20:00:00 | Deep Dive |
| CVE-2018-13258 | Tarball was missing .htaccess files | mediawiki | mediawiki | 中危 | - | 2018-10-04 20:00:00 | Deep Dive |
| CVE-2017-0361 | api.log contains passwords in plaintext | mediawiki | mediawiki | 高危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0362 | "Mark all pages visited" on the watchlist does not require a CSRF token | mediawiki | mediawiki | 高危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0363 | Special:UserLogin?returnto=interwiki:foo will redirect to external sites | mediawiki | mediawiki | 中危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0364 | Special:Search allows redirects to any interwiki link | mediawiki | mediawiki | 中危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0365 | XSS in SearchHighlighter::highlightText() [requires non-default config] | mediawiki | mediawiki | 中危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0366 | SVG filter evasion using default attribute values in DTD declaration | mediawiki | mediawiki | 中危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0367 | Having LocalisationCache directory default to system tmp directory is insecure | mediawiki | mediawiki | 高危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0368 | Make rawHTML mode not apply to system messages | mediawiki | mediawiki | 中危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0369 | Sysops can undelete pages, although the page is protected against it | mediawiki | mediawiki | 中危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0370 | Spam blacklist ineffective on encoded URLs inside file inclusion syntax's link parameter | mediawiki | mediawiki | 中危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-0372 | Parameters injection in SyntaxHighlight results in multiple vulnerabilities | mediawiki | mediawiki (SyntaxHighlight extension) | 超危 | - | 2018-04-13 16:00:00 | Deep Dive |
| CVE-2017-8808 | MediaWiki 跨站脚本漏洞 | - | MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 | 中危 | - | 2017-11-15 08:00:00 | Deep Dive |
| CVE-2017-8809 | MediaWiki 安全漏洞 | - | MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 | 超危 | - | 2017-11-15 08:00:00 | Deep Dive |
| CVE-2017-8810 | MediaWiki 安全漏洞 | - | MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 | 高危 | - | 2017-11-15 08:00:00 | Deep Dive |
| CVE-2017-8811 | MediaWiki 安全漏洞 | - | MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 | 中危 | - | 2017-11-15 08:00:00 | Deep Dive |
| CVE-2017-8812 | MediaWiki 安全漏洞 | - | MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 | 中危 | - | 2017-11-15 08:00:00 | Deep Dive |
| CVE-2017-8814 | MediaWiki language converter 安全漏洞 | - | MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 | 高危 | - | 2017-11-15 08:00:00 | Deep Dive |