vulnerability

FreeBSD: VID-b50f53ce-2151-11e6-8dd3-002590263bf5: mediawiki -- multiple vulnerabilities

Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: May 24, 2016
Added: May 24, 2016
Modified: Dec 10, 2025

Description

Mediawiki reports:

Security fixes:

T122056: Old tokens are remaining valid within a new session
T127114: Login throttle can be tricked using non-canonicalized usernames
T123653: Cross-domain policy regexp is too narrow
T123071: Incorrectly identifying http link in a's href attributes, due to m modifier in regex
T129506: MediaWiki:Gadget-popups.js isn't renderable
T125283: Users occasionally logged in as different users after SessionManager deployment
T103239: Patrol allows click catching and patrolling of any page
T122807: [tracking] Check php crypto primitives
T98313: Graphs can leak tokens, leading to CSRF
T130947: Diff generation should use PoolCounter
T133507: Careless use of $wgExternalLinkTarget is insecure
T132874: API action=move is not rate limited

Solutions

freebsd-upgrade-package-mediawiki123
freebsd-upgrade-package-mediawiki124
freebsd-upgrade-package-mediawiki125
freebsd-upgrade-package-mediawiki126
