{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2014-08-01T00:00:00.000Z","descriptions":[{"lang":"en","value":"MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-01-04T20:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html"},{"name":"DSA-3011","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2014/dsa-3011"},{"name":"MDVSA-2014:153","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:153"},{"name":"59738","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/59738"},{"name":"[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2014/08/14/5"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.wikimedia.org/show_bug.cgi?id=65778"},{"tags":["x_refsource_CONFIRM"],"url":"http://advisories.mageia.org/MGASA-2014-0309.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2014-5243","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2","refsource":"MLIST","url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html"},{"name":"DSA-3011","refsource":"DEBIAN","url":"http://www.debian.org/security/2014/dsa-3011"},{"name":"MDVSA-2014:153","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:153"},{"name":"59738","refsource":"SECUNIA","url":"http://secunia.com/advisories/59738"},{"name":"[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2","refsource":"MLIST","url":"http://openwall.com/lists/oss-security/2014/08/14/5"},{"name":"https://bugzilla.wikimedia.org/show_bug.cgi?id=65778","refsource":"CONFIRM","url":"https://bugzilla.wikimedia.org/show_bug.cgi?id=65778"},{"name":"http://advisories.mageia.org/MGASA-2014-0309.html","refsource":"CONFIRM","url":"http://advisories.mageia.org/MGASA-2014-0309.html"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T11:41:48.324Z"},"title":"CVE Program Container","references":[{"name":"[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html"},{"name":"DSA-3011","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2014/dsa-3011"},{"name":"MDVSA-2014:153","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:153"},{"name":"59738","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/59738"},{"name":"[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2014/08/14/5"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.wikimedia.org/show_bug.cgi?id=65778"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://advisories.mageia.org/MGASA-2014-0309.html"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2014-5243","datePublished":"2014-08-22T17:00:00.000Z","dateReserved":"2014-08-14T00:00:00.000Z","dateUpdated":"2024-08-06T11:41:48.324Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}