CVE-2024-25107

WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...

Design/Logic Flaw

WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...

CVE-2024-25107 Cross-Site Scripting in WikiDiscover

WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...

PT-2024-20752 · Unknown · Wikidiscover

Name of the Vulnerable Software and Affected Versions: WikiDiscover affected versions not specified Description: The issue arises from the use of the Language::date function on Special:WikiDiscover, which utilizes unescaped interface messages to translate month and day names. This results in an X...