FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mediawiki -- multiple vulnerabilities

Affected packages
mediawiki131 < 1.31.16
mediawiki135 < 1.35.4
mediawiki136 < 1.36.2


VuXML ID f84ab297-2285-11ec-9e79-08002789875b
Discovery 2021-06-24
Entry 2021-10-01

Mediawiki reports:

(T285515, CVE-2021-41798) SECURITY: XSS vulnerability in Special:Search.

(T290379, CVE-2021-41799) SECURITY: ApiQueryBacklinks can cause a full table scan.

(T284419, CVE-2021-41800) SECURITY: fix PoolCounter protection of Special:Contributions.

(T279090, CVE-2021-41801) SECURITY: ReplaceText continues performing actions if the user no longer has the correct permission (such as by being blocked).


CVE Name CVE-2021-41798
CVE Name CVE-2021-41799
CVE Name CVE-2021-41800
CVE Name CVE-2021-41801