| Package | mediawiki |
|---|---|
| Version | 1:1.27.7-1+deb9u12 (stretch) |
| Related CVEs | CVE-2022-28201 CVE-2022-28202 CVE-2022-34911 CVE-2022-34912 |
Several security vulnerabilities were discovered in mediawiki, a website engine for collaborative work. Insufficiently escaped input text may allow a malicious user to perform cross-site-scripting (XSS) attacks.
For Debian 9 stretch, these problems have been fixed in version 1:1.27.7-1+deb9u12.
We recommend that you upgrade your mediawiki packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.