4 matches found
CVE-2024-47845
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...
CVE-2024-47845
CVE-2024-47845 concerns an issue in the MediaWiki CSS Extension where improper encoding/escaping of output enables code injection. Affected range: MediaWiki CSS Extension versions 1.39.x prior to 1.39.9, 1.41.x prior to 1.41.3, and 1.42.x prior to 1.42.2. Root cause is improper output handling in...
CVE-2024-47845 CSS sanitizer used incorrectly, and is easily bypassed
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...
CVE-2024-47845 CSS sanitizer used incorrectly, and is easily bypassed
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...