CVE-2017-0372

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-0372

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0372.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-0372

Downstream

DEBIAN-CVE-2017-0372

UBUNTU-CVE-2017-0372

Published

2018-04-13T16:29:00.940Z

Modified

2026-02-26T00:59:23.172701Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.

References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type: GIT
Repo: https://github.com/wikimedia/mediawiki
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

49aff6403bb75ab69baaa369ce87920333ba59d6

Affected versions

1.*

1.1.0

1.23.0

1.23.0-rc.1

1.23.0-rc.2

1.23.0-rc.3

1.23.0rc0

1.23.1

1.23.10

1.23.11

1.23.12

1.23.13

1.23.14

1.23.15

1.23.2

1.23.3

1.23.4

1.23.5

1.23.6

1.23.7

1.23.8

1.23.9

1.3.0beta1

1.5.0alpha1

1.5.0alpha2

1.5.0beta1

1.5.0beta2

1.5.0beta3

1.5.0beta4

1.6.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0372.json"