2 matches found
CVE-2022-34491
CVE-2022-34491 is rejected/not used and does not represent an active vulnerability entry.
CVE-2022-29969
CVE-2022-29969 describes a cross-site scripting (XSS) vulnerability in the MediaWiki RSS extension prior to 2022-04-29. The issue arises when an RSS feed is processed with the RSS whitelist enabled ($wgRSSUrlWhitelist) and $wgRSSAllowLinkTag set to true, allowing an attacker-controlled rss elemen...