Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:153)

High Nessus Plugin ID 77041


The remote Mandriva Linux host is missing one or more security updates.


Updated mediawiki packages fix security vulnerabilities :

MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash, XSS in, and clickjacking between OutputPage and ParserOutput.

This update provides MediaWiki 1.23.2, fixing these and other issues.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 77041

File Name: mandriva_MDVSA-2014-153.nasl

Version: $Revision: 1.1 $

Type: local

Published: 2014/08/07

Modified: 2014/08/07

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:mediawiki, p-cpe:/a:mandriva:linux:mediawiki-mysql, p-cpe:/a:mandriva:linux:mediawiki-pgsql, p-cpe:/a:mandriva:linux:mediawiki-sqlite, cpe:/o:mandriva:business_server:1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2014/08/06

Reference Information

MDVSA: 2014:153