Mediawiki : Security vulnerabilities, CVEs Information leak published in April 2015

CVE-2015-2935

MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT."

Max CVSS

5.0

EPSS Score

0.80%

Published

2015-04-13

Updated

2016-12-07

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Mediawiki : Security Vulnerabilities, CVEs, Published In April 2015 (Information Leak)

CVE-2015-2935