MediaWiki Two Vulnerabilities
Application: MediaWiki
Affected Version: versions prior to 1.18.6, 1.19.3, and 1.20.1.
Vendor’s URL: MediaWiki
Bug Type: Hijacking, DOS
Risk Level: Critical
Solution:
Update to version 1.18.6, 1.19.3, or 1.20.1.
Application: MediaWiki
Affected Version: versions prior to 1.18.6, 1.19.3, and 1.20.1.
Vendor’s URL: MediaWiki
Bug Type: Hijacking, DOS
Risk Level: Critical
Solution:
Update to version 1.18.6, 1.19.3, or 1.20.1.
Application: Plone
Affected Version: Plone 2.x, 3.x, 4.x.
Vendor’s URL: Plone
Bug Type: Security Bypass, Cross Site Scripting, DOS, Brute force, System Access
Risk Level: Critical
Solution:
Apply patches.
Access Bypass, Content Management, Cross Site Scripting, Denial Of Service
Application: WordPress
Affected Version: versions prior to 3.1.1.
Vendor’s URL: WordPress
Bug Type: Cross-Site Scripting and Denial of Service
Risk Level: Critical
Solution:
Update to version 3.1.1.
Application: WordPress
Affected Version: versions prior to 2.8.5.
Vendor’s URL: WordPress
Bug Type: Denial of Service
Risk Level: Medium
Solution:
Update to version 2.8.5.
http://wordpress.org/download/
Application: Drupal
Affected Version: prior to 4.7.11 and 5.6.
Vendor’s URL: http://www.drupal.org/
Bug Type: Cross Site Scripting
Risk Level: Critical
Solution:
Update to 4.7.11 or 5.6.
Application: Mambo
Affected Version: all 4.5.x and 4.6.x versions.
Vendor’s URL: http://www.mambo-foundation.org/
Bug Type: Denial of Service
Risk Level: Medium
Solution:
Apply patch below:
Patch 4.6.x
Patch 4.5.x