CVE-2013-6453

Опубликовано: 12 мая 2014

Источник: debian

EPSS Низкий

Описание

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mediawiki	fixed	1:1.19.10+dfsg-1		package
mediawiki	end-of-life		squeeze	package

Примечания

https://bugzilla.wikimedia.org/show_bug.cgi?id=58553

EPSS

Процентиль: 70%

0.00623

Низкий

Связанные уязвимости

CVE-2013-6453

ubuntu

больше 11 лет назад

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

CVE-2013-6453

nvd

больше 11 лет назад

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

GHSA-g3qp-m89q-7v8m

github

больше 3 лет назад

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

EPSS

Процентиль: 70%

0.00623

Низкий