Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2013-2031

Disclosure Date: November 18, 2013
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome and Firefox.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Vendors

  • gentoo,
  • mediawiki

Products

  • linux,
  • mediawiki,
  • mediawiki 1.1.0,
  • mediawiki 1.10.0,
  • mediawiki 1.10.1,
  • mediawiki 1.10.2,
  • mediawiki 1.10.3,
  • mediawiki 1.10.4,
  • mediawiki 1.11,
  • mediawiki 1.11.0,
  • mediawiki 1.11.1,
  • mediawiki 1.11.2,
  • mediawiki 1.12.0,
  • mediawiki 1.12.1,
  • mediawiki 1.12.2,
  • mediawiki 1.12.3,
  • mediawiki 1.12.4,
  • mediawiki 1.13.0,
  • mediawiki 1.13.1,
  • mediawiki 1.13.2,
  • mediawiki 1.13.3,
  • mediawiki 1.13.4,
  • mediawiki 1.14.0,
  • mediawiki 1.14.1,
  • mediawiki 1.15.0,
  • mediawiki 1.15.1,
  • mediawiki 1.15.2,
  • mediawiki 1.15.3,
  • mediawiki 1.15.4,
  • mediawiki 1.15.5,
  • mediawiki 1.16.0,
  • mediawiki 1.16.1,
  • mediawiki 1.16.2,
  • mediawiki 1.17,
  • mediawiki 1.17.0,
  • mediawiki 1.17.1,
  • mediawiki 1.17.2,
  • mediawiki 1.17.3,
  • mediawiki 1.17.4,
  • mediawiki 1.18,
  • mediawiki 1.18.0,
  • mediawiki 1.18.1,
  • mediawiki 1.18.2,
  • mediawiki 1.18.3,
  • mediawiki 1.19,
  • mediawiki 1.19.0,
  • mediawiki 1.19.1,
  • mediawiki 1.19.2,
  • mediawiki 1.19.3,
  • mediawiki 1.19.4,
  • mediawiki 1.20.1,
  • mediawiki 1.20.2,
  • mediawiki 1.20.3,
  • mediawiki 1.20.4
Technical Analysis