GCVE - cpe:2.3:a:n/a:mediawiki_before_1.27.4,_1.28.x_before_1.28.3,_and_1.29.x_before

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:mediawiki_before_1.27.4,_1.28.x_before_1.28.3,_and_1.29.x_before_1.29.2:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Mediawiki Before 1.27.4, 1.28.X Before 1.28.3, And 1.29.X Before 1.29.2 (`2125f98a-008b-5ae6-93a2-7b9d3e1c7dbe`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-8815`	vulnerable	2026-06-08 05:10:08.937424	Details available The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules. Published: 2017-11-15T08:00:00.000Z Updated: 2024-08-05T16:48:21.919Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1039812 https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html https://www.debian.org/security/2017/dsa-4036	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-8814`	vulnerable	2026-06-08 05:10:08.936963	Details available The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk." Published: 2017-11-15T08:00:00.000Z Updated: 2024-08-05T16:48:21.905Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1039812 https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html https://www.debian.org/security/2017/dsa-4036	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-8812`	vulnerable	2026-06-08 05:10:08.936278	Details available MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline. Published: 2017-11-15T08:00:00.000Z Updated: 2024-08-05T16:48:22.653Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1039812 https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html https://www.debian.org/security/2017/dsa-4036	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-8811`	vulnerable	2026-06-08 05:10:08.935642	Details available The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks. Published: 2017-11-15T08:00:00.000Z Updated: 2024-08-05T16:48:22.605Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1039812 https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html https://www.debian.org/security/2017/dsa-4036	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-8810`	vulnerable	2026-06-08 05:10:08.935088	Details available MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests. Published: 2017-11-15T08:00:00.000Z Updated: 2024-08-05T16:48:22.197Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1039812 https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html https://www.debian.org/security/2017/dsa-4036	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-8809`	vulnerable	2026-06-08 05:10:08.934585	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-8808`	vulnerable	2026-06-08 05:10:08.929698	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Mediawiki Before 1.27.4, 1.28.X Before 1.28.3, And 1.29.X Before 1.29.2

PURL mappings

Vulnerability references

Contribute