Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

Remediation

References

CVE-2013-6453

Related Vulnerabilities

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358)

IBM WebSEAL Incorrect Default Permissions Vulnerability (CVE-2024-35139)

Oracle Application Server Other Vulnerability (CVE-2002-0947)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14718)

MongoDb Improper Input Validation Vulnerability (CVE-2019-2389)

Severity

High

Classification

CVE-2013-6453 CWE-20

Tags

Missing Update Known Vulnerabilities