3 matches found
CVE-2024-23173
creationtimestamp| type| source ---|---|--- 2024-01-12 06:37:03+00:00| seen| https://t.me/ctinow/167085 2024-01-18 23:17:05+00:00| seen| https://t.me/ctinow/169989 2024-01-30 18:46:17+00:00| seen| https://t.me/ctinow/176172...
CVE-2024-23173
An issue was discovered in the Cargo extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:Drilldown page allows XSS via artist, album, and position parameters because of applied filter values in drilldown/CargoAppliedFilter.php...
CVE-2024-23173
The CVE-2024-23173 issue affects the MediaWiki Cargo extension (before 1.35.14, 1.36.x–1.39.x before 1.39.6, and 1.40.x before 1.40.2). The vulnerability arises on the Special:Drilldown page where XSS can be triggered via artist, album, and position parameters due to filter values in drilldown/Ca...