Home > Vulnerability Database > CVE-2023-45359

Mend.io Vulnerability Database

CVE-2023-45359

Good to know:

Date: October 8, 2024

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure For the oldstable distribution

Language: PHP

Severity Score

6.5

Related Resources (4)

Url: https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/skins/Vector/+/c17b956e0750e051ac7c1098e3ff625f0db82b2c

Url: https://phabricator.wikimedia.org/T340217

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-45359

Url: https://www.mend.io/vulnerability-database/CVE-2023-45359

Severity Score

6.5

Weakness Type (CWE)

Improper Encoding or Escaping of Output

CWE-116

Top Fix

Upgrade Version

Upgrade to version mediawiki/vector-skin - dev-wmf/1.40.0-wmf.1;mediawiki/vector-skin - dev-wmf/1.40.0-wmf.3;mediawiki/vector-skin - dev-wmf/1.40.0-wmf.2;mediawiki/vector-skin - dev-wmf/1.41.0-wmf.30;mediawiki/vector-skin - dev-wmf/1.41.0-wmf.17;mediawiki/vector-skin - dev-wmf/1.41.0-wmf.20;mediawiki/vector-skin - dev-REL1_42;mediawiki/vector-skin - dev-wmf/next

Learn More

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-45359

Good to know:

Date: October 8, 2024

Language: PHP

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?