Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

Remediation

References

CVE-2013-6453

Related Vulnerabilities

WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (9.0)

SharePoint CVE-2021-1726 Vulnerability (CVE-2021-1726)

WordPress 2.1.2 Multiple Vulnerabilities (2.1 - 2.1.2)

Lodash Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-1010266)

WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (4.0.6)

Severity

High

Classification

CVE-2013-6453 CWE-20

Tags

Missing Update Known Vulnerabilities