Summary
The host is installed with MediaWiki and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site and attacker can gain sensitive information.
Impact Level: Application
Solution
Upgrade to MediaWiki 1.19.12 or 1.21.6 or 1.22.3 or later.
For updates refer to http://www.mediawiki.org/wiki/MediaWiki
Insight
The multiple flaws are due to an,
- Input passed via 'text' parameter to 'api.php' is not properly sanitised before being returned to the user.
- Input to 'includes/upload/UploadBase.php' script is not properly sanitised during the uploading of an SVG namespace.
- Error in 'includes/User.php' script in 'theloadFromSession' function.
Affected
Mediawiki version 1.19.x before 1.19.12, 1.20.x, 1.21.x before 1.21.6 and 1.22.x before 1.22.3
Detection
Send a crafted data via HTTP GET request and check whether it is possible to read the cookie or not.
References
Severity
Classification
-
CVE CVE-2014-2242, CVE-2014-2243, CVE-2014-2244 -
CVSS Base Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N
Related Vulnerabilities
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
- 12Planet Chat Server one2planet.infolet.InfoServlet XSS
- AN Guestbook Local File Inclusion Vulnerability