Approved changes feed: RSS · Atom
cpe:2.3:a:miraheze:datadump:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Miraheze (5ffeb676-d6da-5511-9ca2-20a2724bc0d2) |
|---|---|
| Product | Datadump (6b41cfc2-8f1c-59e6-981b-3c549455ccae) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/miraheze/datadump |
purl2cpe | 2026-06-01 10:11:24.330383 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-47612 |
vulnerable | 2026-06-08 06:48:12.938335 |
XSS in Special:DataDump when displaying dump status
LOW (3.5)
DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-failed)). If these messages are edited (which requires the (editinterface) right by default), anyone who can view Special:DataDump (which requires the (view-dump) right by default) can be XSSed. This vulnerability is fixed with 601688ee8e8808a23b102fa305b178f27cbd226d.
Published: 2024-10-02T14:22:52.059Z
Updated: 2024-10-02T15:12:04.288Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-32774 |
vulnerable | 2026-06-08 05:32:08.014562 |
Cross-Site Request Forgery (CSRF) in DataDump
MEDIUM (6.1)
DataDump is a MediaWiki extension that provides dumps of wikis. Prior to commit 67a82b76e186925330b89ace9c5fd893a300830b, DataDump had no protection against CSRF attacks so requests to generate or delete dumps could be forged. The vulnerability was patched in commit 67a82b76e186925330b89ace9c5fd893a300830b. There are no known workarounds. You must completely disable DataDump.
Published: 2021-07-20T00:35:11.000Z
Updated: 2024-08-03T23:33:55.818Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.