AI Score
Confidence
High
EPSS
Percentile
64.9%
Cross-site scripting (XSS) vulnerability in the preview in the TemplateSandbox extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via the text parameter to Special:TemplateSandbox.
www.openwall.com/lists/oss-security/2014/12/21/2
www.openwall.com/lists/oss-security/2015/01/03/13
lists.wikimedia.org/pipermail/mediawiki-announce/2014-December/000173.html
phabricator.wikimedia.org/T76195