CVE-2013-2114
EPSS 1.4%
Description
Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
How to fix CVE-2013-2114
To remediate CVE-2013-2114, upgrade the affected package to a fixed version below.
- Debian/mediawiki—upgrade to 1:1.19.7+dfsg-1 or later
Is CVE-2013-2114 being exploited?
Low — EPSS is 1.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1:1.19.7+dfsg-1