GoogleOSV:GHSA-HJ4C-VFC4-5F9CCross-site Scripting in Semantic MediaWiki
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
7.1 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Special:Ask in Semantic MediaWiki before 4.0.2 allows Reflected XSS.
References
github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/semantic-media-wiki/CVE-2022-48614.yaml
github.com/SemanticMediaWiki/SemanticMediaWiki
github.com/SemanticMediaWiki/SemanticMediaWiki/commit/604968d44fcdfcbb7f1e00c5d662ca5d5a3a5613
github.com/SemanticMediaWiki/SemanticMediaWiki/issues/5262
nvd.nist.gov/vuln/detail/CVE-2022-48614
www.semantic-mediawiki.org/wiki/Semantic_MediaWiki_4.0.2
Related
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
7.1 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%