VDB
GCVE-110-MAGEIA-2013-276
GCVE-110-MAGEIA-2013-276
Advisory Published
Full path disclosure in MediaWiki before 1.20.7, when an invalid language
is specified in ResourceLoader (CVE-2013-4301).
Several API modules in MediaWiki before 1.20.7 allowed anti-CSRF tokens
to be accessed via JSONP (CVE-2013-4302).
An issue with the MediaWiki API in MediaWiki before 1.20.7 where an
invalid property name could be used for XSS with older versions of
Internet Explorer (CVE-2013-4303).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | mediawiki | 1.20.7-1.mga2 (unaffected), 0 (affected) | — |
| Mageia | mediawiki | 0 (affected), 1.20.7-1.mga3 (unaffected) | — |
Browse GCVE Records
73,685 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.