23 matches found
Cross site scripting
The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template in the templates/search/PropertySuggestionsWidget.mustache+dom file...
CVE-2020-6163
CVE-2020-6163 affects the WikibaseMediaInfo extension for MediaWiki (version 1.35). The vulnerability arises from improper syntax in the PropertySuggestionsWidget template (templates/search/PropertySuggestionsWidget.mustache+dom), enabling cross-site scripting (XSS). Public references consistentl...
CVE-2020-6163
The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template in the templates/search/PropertySuggestionsWidget.mustache+dom file...