2 matches found
CVE-2023-37254
CVE-2023-37254 affects the Cargo extension for MediaWiki up to 1.39.3. It enables cross-site scripting via Special:CargoQuery via a crafted page item when using the default format. The CVSS metrics indicate network access with user interaction required and no privileges, with impact on confidenti...
CVE-2023-37254
An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. XSS can occur in Special:CargoQuery via a crafted page item when using the default format...