CVE-2013-2114

EPSS 1.4%

Published: 11/18/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-2114

Description

Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

Affected packages (1)

Debian/mediawikifrom 0, < 1:1.19.7+dfsg-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2114