all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-3550 (mediawiki)

Add to bookmarks
Sept. 25, 2023, 4:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Mediawiki v1.40.0 does not validate namespaces used in XML files.

Therefore, if the instance administrator allows XML file uploads,

a remote attacker with a low-privileged user account can use this

exploit to become an administrator by sending a malicious link to

the instance administrator.

account attacker cve exploit file files instance link low malicious malicious link namespaces privileged privileged user xml

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 1 week ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months, 1 week ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months, 1 week ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months, 1 week ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months, 1 week ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months, 1 week ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SITEC - Pen Tester

@ Peraton | MacDill AFB, FL, United States
View on infosec-jobs.com

Information Security Specialist (Sr. OT Security Engineer)

@ Vertiv | Philippines
View on infosec-jobs.com

Product Security Engineer

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Cybersecurity Tools Engineer

@ Uni Systems | Mons, Wallonia, Belgium
View on infosec-jobs.com

Baseband Security Lead

@ Babcock | Corsham, GB, SN13 9NP
View on infosec-jobs.com

Cyber Network Defense Analyst III

@ KBR, Inc. | VA149: 1110 N Glebe Road Arlington 1110 North Glebe Road Suite 630, Arlington, VA, 22201 USA
View on infosec-jobs.com
View more jobs