CVE-2023-37254

An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. XSS can occur in Special:CargoQuery via a crafted page item when using the default format...

PT-2023-25857 · Mediawiki +1 · Mediawiki Cargo Extension +1

Name of the Vulnerable Software and Affected Versions: MediaWiki Cargo extension versions through 1.39.3 Description: An issue in the Cargo extension for MediaWiki allows XSS to occur in Special:CargoQuery via a crafted page item when using the default format. The estimated number of potentially...