{"id":"MGASA-2024-0155","summary":"Updated mediawiki packages fix security vulnerabilities","details":"MediaWiki 1.40.0 does not validate namespaces used in XML files.\nTherefore, if the instance administrator allows XML file uploads, a\nremote attacker with a low-privileged user account can exploit this to\nbecome an administrator by sending a malicious link to the instance\nadministrator. (CVE-2023-3550)\nAn issue was discovered in MediaWiki before 1.35.12, 1.36.x through\n1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in the\nyouhavenewmessagesmanyusers and youhavenewmessages i18n messages. This\nis related to MediaWiki:Youhavenewmessagesfromusers. (CVE-2023-45360)\nAn issue was discovered in DifferenceEngine.php in MediaWiki before\n1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1.\ndiff-multi-sameuser (aka \"X intermediate revisions by the same user not\nshown\") ignores username suppression. This is an information leak.\n(CVE-2023-45362)\nAn issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12,\n1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows\nattackers to cause a denial of service (unbounded loop and\nRequestTimeoutException) when querying pages redirected to other\nvariants with redirects and converttitles set. (CVE-2023-45363)\nAn issue was discovered in includes/page/Article.php in MediaWiki 1.36.x\nthrough 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision\nexistence is leaked because the wrong permissions are checked. This\nreveals that a given revision ID belonged to the given page title, and\nits timestamp, neither of which is supposed to be public information.\n(CVE-2023-45364)\nAn issue was discovered in MediaWiki before 1.35.14, 1.36.x through\n1.39.x before 1.39.6, and 1.40.x before 1.40.2. In\nincludes/logging/RightsLogFormatter.php, group-*-member messages can\nresult in XSS on Special:log/rights.\n(CVE-2023-51704)\n","modified":"2026-04-16T00:09:14.759054284Z","published":"2024-04-30T22:25:14Z","upstream":["CVE-2023-3550","CVE-2023-45359","CVE-2023-45360","CVE-2023-45361","CVE-2023-45362","CVE-2023-45363","CVE-2023-45364","CVE-2023-51704"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0155.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33156"}],"affected":[{"package":{"name":"mediawiki","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/mediawiki?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.35.14-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0155.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}