MediaWiki < 1.19.23 / 1.22.15 / 1.23.8 / 1.24.1 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 8611
SynopsisThe remote web server is running a PHP application that is affected by a security bypass and cross-site scripting vulnerability.
DescriptionIn versions older than 1.24.1, 1.22.15 or 1.19.23 or 1.23.8, MediaWiki contains a flaw in API handling which allows an attacker to bypass authentication. This issue occurs when a website includes an allowed domain as part of its name in '$wgCrossSiteAJAXdomains' in API calls. An attacker can exploit this issue to bypass CORS restrictions. Older versions of MediaWiki are also prone to a cross-site scripting vulnerability because 'thumb.php' script fails to properly sanitize user-supplied input when handling wikitext messages before returning it to the users.
SolutionUpgrade to MediaWiki version 1.24.1. Alternatively, versions 1.19.23, 1.22.15, and 1.23.8 or later are patched for these vulnerabilities.