Pleasestand

**Nome do software vulnerável e versões afetadas: Extensão Scribunto do MediaWiki (versões afetadas não especificadas) Descrição: A vulnerabilidade permite que invasores remotos obtenham informações confidenciais, como o token de reversão, utilizando um módulo malicioso. Isso está relacionado à remoção de tags HTML em páginas especiais. Recomendações: No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** MediaWiki ExpandTemplates extension (affected versions not specified) **Description** A cross-site scripting (XSS) issue exists in the preview functionality of the ExpandTemplates extension for MediaWiki. This occurs when the $wgRawHTML setting is enabled, allowing remote attackers to inject arbitrary web script or HTML through the `wpInput` parameter to the "Special:ExpandTemplates" page. **Recommendations** For the affected version of the MediaWiki ExpandTemplates extension, consider disabling the $wgRawHTML setting to prevent exploitation until a patch is available. As a temporary workaround, restrict access to the Special:ExpandTemplates page to minimize the risk of exploitation. Avoid using the `wpInput` parameter in the affected page until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.20.x through 1.22.x before 1.22.14 MediaWiki versions 1.23.x before 1.23.7 MediaWiki before 1.19.22 **Description** A cross-site request forgery (CSRF) issue exists in the Special:ExpandedTemplates page of MediaWiki when $wgRawHTML is set to true. This allows remote attackers to hijack the authentication of users with edit permissions for requests that involve cross-site scripting (XSS) attacks via the `wpInput` parameter, which is not properly handled in the preview. **Recommendations** For MediaWiki versions 1.20.x through 1.22.x before 1.22.14, update to version 1.22.14 or later. For MediaWiki versions 1.23.x before 1.23.7, update to version 1.23.7 or later. For MediaWiki before 1.19.22, update to version 1.19.22 or later. As a temporary workaround, consider setting $wgRawHTML to false to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.19.22 MediaWiki versions 1.20.x through 1.22.x before 1.22.14 MediaWiki versions 1.23.x before 1.23.7 **Description** The issue allows remote attackers to conduct PHP object injection attacks via a crafted string containing `<cross-domain-policy>` in a PHP format request. This occurs because the `wfMangleFlashPolicy` function in `OutputHandler.php` causes the string length to change when converting the request to `<NOT-cross-domain-policy>`. **Recommendations** For MediaWiki versions prior to 1.19.22, update to version 1.19.22 or later. For MediaWiki versions 1.20.x through 1.22.x before 1.22.14, update to version 1.22.14 or later. For MediaWiki versions 1.23.x before 1.23.7, update to version 1.23.7 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.20.x through 1.22.x before 1.22.9 MediaWiki versions 1.23.x before 1.23.2 MediaWiki before 1.19.18 **Description** The issue makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, as it does not enforce an IFRAME protection mechanism for transcluded pages. **Recommendations** For MediaWiki versions 1.20.x through 1.22.x before 1.22.9, update to version 1.22.9 or later. For MediaWiki versions 1.23.x before 1.23.2, update to version 1.23.2 or later. For MediaWiki before 1.19.18, update to version 1.19.18 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.21.9 MediaWiki versions 1.22.x prior to 1.22.6 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action. This occurs due to insufficient input validation in the includes/actions/InfoAction.php file. **Recommendations** For MediaWiki versions prior to 1.21.9, update to version 1.21.9 or later. For MediaWiki versions 1.22.x prior to 1.22.6, update to version 1.22.6 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.19.x through 1.19.8 MediaWiki versions 1.20.x through 1.20.7 MediaWiki versions 1.21.x through 1.21.2 **Description** The issue allows remote attackers to conduct cross-site scripting (XSS) attacks via certain non-ASCII characters in CSS. This can be achieved by using variations of "expression" containing full width characters or IPA extensions, which are converted and rendered by Internet Explorer. **Recommendations** For MediaWiki versions 1.19.x through 1.19.8, update to version 1.19.9 or later. For MediaWiki versions 1.20.x through 1.20.7, update to version 1.20.8 or later. For MediaWiki versions 1.21.x through 1.21.2, update to version 1.21.3 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.19.x through 1.19.8 MediaWiki versions 1.20.x through 1.20.7 MediaWiki versions 1.21.x through 1.21.2 **Description** The issue allows remote attackers to conduct cross-site scripting (XSS) attacks via a b (backspace) character in CSS. This is due to an incomplete blacklist vulnerability in the Sanitizer::checkCss function. **Recommendations** For MediaWiki versions 1.19.x through 1.19.8, update to version 1.19.9 or later. For MediaWiki versions 1.20.x through 1.20.7, update to version 1.20.8 or later. For MediaWiki versions 1.21.x through 1.21.2, update to version 1.21.3 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.16.1 **Description** The issue allows remote attackers to conduct clickjacking attacks via unspecified vectors when user or site JavaScript or CSS is enabled. **Recommendations** For versions prior to 1.16.1, update to version 1.16.1 or later to resolve the issue. As a temporary workaround, consider disabling user or site JavaScript and CSS until a patch is available.