2 matches found
CVE-2024-23178
An issue was discovered in the Phonos extension in MediaWiki before 1.40.2. PhonosButton.js allows i18n-based XSS via the phonos-purge-needed-error message...
CVE-2024-23178
The CVE-2024-23178 issue affects the Phonos extension for MediaWiki, specifically involving the PhonosButton.js component. Affected software: MediaWiki with Phonos extension prior to version 1.40.2. Root cause: i18n-based cross-site scripting (XSS) vulnerability exposed via the phonos-purge-neede...