vulnerability

MediaWiki: Improper Input Validation (CVE-2017-0366)

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Apr 13, 2018	Oct 23, 2019	Oct 23, 2019

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Apr 13, 2018

Added

Oct 23, 2019

Modified

Oct 23, 2019

Description

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to evade SVG filter using default attribute values in DTD declaration.

mediawiki-upgrade-1_27_2mediawiki-upgrade-1_28_1

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.