MediaWiki 跨站脚本漏洞

MediaWiki is a free and free-to-use web-based wiki engine from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems.A cross-site scripting vulnerability exists in MediaWiki, which stems from the product's Special:CheckUserLog...

PT-2022-12584 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.5 MediaWiki versions 1.36.x prior to 1.36.3 MediaWiki versions 1.37.x prior to 1.37.1 Description: An issue in MediaWiki allows for XSS due to date mishandling in Special:CheckUserLog, as demonstrated by an XS...