MediaWiki is a free and free-to-use web-based wiki engine from the U.S. Wikimedia (MediaWiki) Foundation. The product can be used to deploy internal knowledge management and content management systems.A cross-site scripting vulnerability exists in MediaWiki, which stems from a failure of the product’s WikibaseMediaInfo component to properly handle the title field of a given media file. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
MediaWiki MediaWiki >=1.36.0, | lt | 1.36.3 | |
MediaWiki MediaWiki | lt | 1.35.5 | |
MediaWiki MediaWiki >=1.37.0, | lt | 1.37.1 |