Lucene search
K

4 matches found

NVD
NVD
added 2024/10/05 1:15 a.m.21 views

CVE-2024-47845

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...

8.2CVSS0.00384EPSS
Exploits1References3
CVE
CVE
added 2024/10/05 12:9 a.m.54 views

CVE-2024-47845

CVE-2024-47845 concerns an issue in the MediaWiki CSS Extension where improper encoding/escaping of output enables code injection. Affected range: MediaWiki CSS Extension versions 1.39.x prior to 1.39.9, 1.41.x prior to 1.41.3, and 1.42.x prior to 1.42.2. Root cause is improper output handling in...

8.2CVSS8.3AI score0.00384EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/10/05 12:9 a.m.15 views

CVE-2024-47845 CSS sanitizer used incorrectly, and is easily bypassed

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...

6.9CVSS0.00384EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/10/05 12:9 a.m.12 views

CVE-2024-47845 CSS sanitizer used incorrectly, and is easily bypassed

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...

6.9CVSS7.1AI score0.00384EPSS
Exploits1References3
Rows per page
Query Builder