UBUNTU-CVE-2020-29003

The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll...

PT-2020-17081 · Mediawiki +1 · Mediawiki Pollny Extension +1

Name of the Vulnerable Software and Affected Versions: MediaWiki PollNY extension versions through 1.35 Description: The issue allows for XSS via an answer option for a poll question. This can be entered during Special:CreatePoll or Special:UpdatePoll. Recommendations: For MediaWiki PollNY...