Vulnerability Details : CVE-2014-3966
Cross-site scripting (XSS) vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2014-3966
- cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.2:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.2:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.1:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.5:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.3:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.7:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.6:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.4:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.8:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.3:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.4:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.10:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.22.1:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.9:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.22.2:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.5:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.22.3:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.6:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.12:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.22.4:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.11:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.7:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.22.5:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.13:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.19.14:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.22.6:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.9:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.21.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3966
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3966
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.6
|
LOW | AV:N/AC:H/Au:N/C:N/I:P/A:N |
4.9
|
2.9
|
NIST |
CWE ids for CVE-2014-3966
-
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3966
-
https://bugzilla.wikimedia.org/show_bug.cgi?id=65501
⚓ T67501 Javascript inject by anonymous users on private wikis with $wgRawHtml enabled
-
http://www.securitytracker.com/id/1030364
MediaWiki Input Validation Flaw in 'Special:PasswordReset' Permits Cross-Site Scripting Attacks - SecurityTracker
-
http://www.openwall.com/lists/oss-security/2014/06/04/15
oss-security - Re: CVE request: mediawiki invalid usernames on Special:PasswordReset were parsed as wikitext
-
http://www.securityfocus.com/bid/67787
MediaWiki 'Special:PasswordReset' Cross Site Scripting Vulnerability
-
http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-May/000151.html
[MediaWiki-announce] MediaWiki Security and Maintenance Releases: 1.19.16, 1.21.10 and 1.22.7Patch;Vendor Advisory
-
http://www.debian.org/security/2014/dsa-2957
Debian -- Security Information -- DSA-2957-1 mediawiki
Jump to