Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MediaWiki Improper Input Validation Vulnerability (CVE-2017-0368)

Description

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawHTML mode apply to system messages.

Remediation

References

Related Vulnerabilities

Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-24801)

WordPress Plugin http:BL Multiple Vulnerabilities (1.9.1)

MySQL CVE-2020-2584 Vulnerability (CVE-2020-2584)

Envoy Proxy Improper Handling of Highly Compressed Data (Data Amplification) Vulnerability (CVE-2022-29225)

WordPress Plugin Calendar Event Multi View Multiple Vulnerabilities (1.1.4)

Severity

Medium

Classification

CVE-2017-0368 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities