Vulnerability CVE-2014-3966

Vulnerability Name:

CVE-2014-3966 (CCN-93628)

Assigned:

2014-06-04

Published:

2014-06-04

Updated:

2017-12-29

Summary:

Cross-site scripting (XSS) vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
2.2 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-79

Vulnerability Consequences:

Cross-Site Scripting

References:

Source: MITRE
Type: CNA
CVE-2014-3966

Source: MLIST
Type: Patch, Vendor Advisory
[MediaWiki-announce] 20140529 MediaWiki Security and Maintenance Releases: 1.19.16, 1.21.10 and 1.22.7

Source: SECUNIA
Type: UNKNOWN
58834

Source: SECUNIA
Type: UNKNOWN
58896

Source: DEBIAN
Type: UNKNOWN
DSA-2957

Source: CCN
Type: MediaWiki Web site
MediaWiki

Source: MLIST
Type: UNKNOWN
[oss-security] 20140604 Re: CVE request: mediawiki invalid usernames on Special:PasswordReset were parsed as wikitext

Source: CCN
Type: OSVDB ID: 107528
MediaWiki Special:PasswordReset Username XSS

Source: BID
Type: UNKNOWN
67787

Source: CCN
Type: BID-67787
MediaWiki 'Special:PasswordReset' Cross Site Scripting Vulnerability

Source: SECTRACK
Type: UNKNOWN
1030364

Source: CCN
Type: Red Hat Bugzilla Bug 1104222
CVE-2014-3966 mediawiki: XSS flaw due to improper parsing of Special:PasswordReset

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.wikimedia.org/show_bug.cgi?id=65501

Source: XF
Type: UNKNOWN
mediawiki-cve20143966-xss(93628)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-3966

Vulnerable Configuration:

Configuration 1:

cpe:/a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.2:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.3:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.4:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.5:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.6:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.7:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.8:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.9:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.10:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.11:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.12:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.13:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.19.14:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:*:*:*:*:*:*:*:* (Version <= 1.19.15)

Configuration 2:

cpe:/a:mediawiki:mediawiki:1.22.0:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.22.1:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.22.2:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.22.3:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.22.4:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.22.5:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.22.6:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:mediawiki:mediawiki:1.21:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.1:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.2:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.3:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.4:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.5:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.6:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.7:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.8:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.9:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mediawiki:mediawiki:1.19.15:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.22.6:*:*:*:*:*:*:*

OR cpe:/a:mediawiki:mediawiki:1.21.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:25068	P	DSA-2957-1 mediawiki - security update	2014-08-11
oval:com.ubuntu.bionic:def:201439660000000	V	CVE-2014-3966 on Ubuntu 18.04 LTS (bionic) - medium.	2014-06-06
oval:com.ubuntu.artful:def:20143966000	V	CVE-2014-3966 on Ubuntu 17.10 (artful) - medium.	2014-06-06
oval:com.ubuntu.trusty:def:20143966000	V	CVE-2014-3966 on Ubuntu 14.04 LTS (trusty) - medium.	2014-06-06
oval:com.ubuntu.disco:def:201439660000000	V	CVE-2014-3966 on Ubuntu 19.04 (disco) - medium.	2014-06-06
oval:com.ubuntu.bionic:def:20143966000	V	CVE-2014-3966 on Ubuntu 18.04 LTS (bionic) - medium.	2014-06-06
oval:com.ubuntu.cosmic:def:20143966000	V	CVE-2014-3966 on Ubuntu 18.10 (cosmic) - medium.	2014-06-06
oval:com.ubuntu.cosmic:def:201439660000000	V	CVE-2014-3966 on Ubuntu 18.10 (cosmic) - medium.	2014-06-06
oval:com.ubuntu.precise:def:20143966000	V	CVE-2014-3966 on Ubuntu 12.04 LTS (precise) - medium.	2014-06-06

BACK