CVE-2021-44855

CVSS V2 None CVSS V3 None
Description
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. There is Blind Stored XSS via a URL to the Upload Image feature.
Overview
  • CVE ID
  • CVE-2021-44855
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-26T05:15:10
  • Last Modified Date
  • 2023-01-04T02:04:51
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:* 1 OR 1.35.5
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:* 1 OR 1.36.0 1.36.3
cpe:2.3:a:mediawiki:mediawiki:1.37.0:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:mediawiki:mediawiki:1.37.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:mediawiki:mediawiki:1.37.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:mediawiki:mediawiki:1.37.0:rc2:*:*:*:*:*:* 1 OR
References
Reference URL Reference Tags
https://phabricator.wikimedia.org/T293589
History
Created Old Value New Value Data Type Notes
2022-12-26 05:15:56 Added to TrackCVE
2022-12-27 14:15:49 2022-12-27T13:48:11 CVE Modified Date updated
2022-12-27 14:15:49 Received Awaiting Analysis Vulnerability Status updated
2022-12-30 18:15:51 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-04 02:15:22 2023-01-04T02:04:51 CVE Modified Date updated
2023-01-04 02:15:22 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-04 02:15:23 Weakness Enumeration new
2023-01-04 02:15:23 CPE Information updated