vulnerability
FreeBSD: VID-e59fed96-60da-11ee-9102-000c29de725b (CVE-2023-3550): mediawiki -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:M/Au:S/C:C/I:C/A:N) | Oct 2, 2023 | Oct 2, 2023 | Dec 10, 2025 |
Severity
8
CVSS
(AV:N/AC:M/Au:S/C:C/I:C/A:N)
Published
Oct 2, 2023
Added
Oct 2, 2023
Modified
Dec 10, 2025
Description
Mediawikwi reports: (T264765, CVE-2023-PENDING) SECURITY: Users without correct permission are incorrectly shown MediaWiki:Missing-revision-permission. (T333050, CVE-2023-PENDING) SECURITY: Fix infinite loop for self-redirects with variants conversion. (T340217, CVE-2023-PENDING) SECURITY: Vector 2022: Numerous unescaped messages leading to potential XSS. (T340220, CVE-2023-PENDING) SECURITY: Vector 2022: vector-intro-page message is assumed to yield a valid title. (T340221, CVE-2023-PENDING) SECURITY: XSS via 'youhavenewmessagesmanyusers' and 'youhavenewmessages' messages. (T341529, CVE-2023-PENDING) SECURITY: diff-multi-sameuser ("X intermediate revisions by the same user not shown") ignores username suppression. (T341565, CVE-2023-3550) SECURITY: Stored XSS when uploading crafted XML file to Special:Upload (non-standard configuration).
Solutions
freebsd-upgrade-package-mediawiki135freebsd-upgrade-package-mediawiki139freebsd-upgrade-package-mediawiki140
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.