VDB

GCVE-110-MAGEIA-2016-305

GCVE-110-MAGEIA-2016-305
Advisory Published
Vulnetix · Advisory published September 16, 2016
Check read permission when loading page content in ApiParse (CVE-2016-6331) Make blocks log users out if $wgBlockDisablesLogin is true (CVE-2016-6332) Make $wgBlockDisablesLogin also restrict logged in permissions (CVE-2016-6332) Require login to preview user CSS pages (CVE-2016-6333) Escape '<' and ']]>' in inline <style> blocks (CVE-2016-6333) XSS in unclosed internal links (CVE-2016-6334) API: Generate head items in the context of the given title (CVE-2016-6335) Do not allow undeleting a revision deleted file if it is the top file (CVE-2016-6336) The mediawiki package has been updated to version 1.23.15, which contains the above fixes.

Affected Products

VendorProductVersionsPlatforms
Mageiamediawiki0 (affected), 1.23.15-1.mga5 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›