Lucene search
+L

4 matches found

OSV
OSV
added 2024/03/06 10:59 a.m.25 views

BIT-MEDIAWIKI-2023-37302

An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate from resources/wikibase/templates.js for quotes which can be in a title attribute...

6.1CVSS5.8AI score0.00689EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/06/30 6:31 p.m.24 views

MediaWiki Cross-site Scripting vulnerability

An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate from resources/wikibase/templates.js for quotes which can be in a title attribute...

6.1CVSS6.2AI score0.00689EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/30 12:0 a.m.15 views

CVE-2023-37302

An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate from resources/wikibase/templates.js for quotes which can be in a title attribute...

6AI score0.00689EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/06/30 12:0 a.m.17 views

CVE-2023-37302

An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate from resources/wikibase/templates.js for quotes which can be in a title attribute...

6.1CVSS6.3AI score0.00689EPSS
Exploits1References4
Rows per page
Query Builder