CVE-2009-0737

Published Feb 25, 2009

Last updated 15 years ago

CVSS info 2.6

Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php) in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.6
Impact score: 2.9
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3EAF847-B64C-4C12-8BF2-631F61B0618E"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09EF3827-9C87-4043-B10A-1D6AFCB64F57"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08B1EDE8-940E-47C1-9CDA-C6BBE1BB9A11"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4554900-E09D-4D9D-99D4-FE5FDB3CDE78"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93EB0312-A147-4307-9491-46AEC2EC727C"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48929086-E08E-472D-A503-4CA803A840D5"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A98675FD-C9EA-49AB-BA9F-2CF5898203C7"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB9B4718-DF85-4E77-B720-0EC3E0D318BB"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "132A745B-0A1B-4186-8BE2-88C24FF4A455"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E710375D-F5B3-4998-AA7F-F931022CF6F4"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3130C952-83B3-4755-99D7-D25C1447670E"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9842D148-50D2-4A52-A3E1-529670A25EBD"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746023B5-2472-4FC9-BEDF-FE6A321F12B9"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D18C85B-E82B-46AE-959E-3FD32DB6F294"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66714539-F1E1-4C16-AA12-059EEB1B9DF6"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A80044C9-9F76-468E-84F7-D7D529004AE6"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7CD7F5A-F4E4-45B6-9179-BD1BCD75D297"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79CDE6D3-A26D-4ECD-B949-B9DDB53F67C3"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3CC82BE-8DEA-47D7-B6B7-2FFDFB728ADE"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFD79470-63A7-438B-A3BE-CABDAD7F848C"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A26F4C94-E3A5-456E-8E5E-36BA67DD4BD5"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7C6D23B-B5C1-4F10-9F62-E81F639FF40F"
          },
          {
            "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13FA8F3C-2B6C-42FB-A6CE-EC2D8614E43D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References