MediaWiki Improper Input Validation Vulnerability (CVE-2017-8814)

Description

The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk."

Remediation

References

CVE-2017-8814

Related Vulnerabilities

Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)

WordPress Plugin NextGEN Gallery-WordPress Gallery Cross-Site Scripting (2.2.10)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)

MySQL CVE-2015-4802 Vulnerability (CVE-2015-4802)

WordPress Plugin SMTP Mail Cross-Site Scripting (1.3.1)

Severity

High

Classification

CVE-2017-8814 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N