Описание
MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.23.2 |
| cosmic | not-affected | 1.23.2 |
| devel | not-affected | 1.23.2 |
| disco | not-affected | 1.23.2 |
| esm-apps/bionic | not-affected | 1.23.2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.2 ...
MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
EPSS
4.3 Medium
CVSS2