CVE-2017-0372
Publication date 13 April 2018
Last updated 25 August 2025
Ubuntu priority
Description
Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| mediawiki | ||
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
Severity score breakdown
CVSS version: CVSS v3.0
Base score
9.8 · Critical
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H