Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/06 6:25 p.m.23 views

CVE-2025-53484

User-controlled inputs are improperly escaped in: VotePage.php poll option input ResultPage::getPagesTab and getErrorsTab user-controllable page names This allows attackers to inject JavaScript and compromise user sessions under certain conditions. This issue affects Mediawiki - SecurePoll...

9.8CVSS6.4AI score0.00456EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 6:15 p.m.7 views

CVE-2025-53484

User-controlled inputs are improperly escaped in: VotePage.php poll option input ResultPage::getPagesTab and getErrorsTab user-controllable page names This allows attackers to inject JavaScript and compromise user sessions under certain conditions. This issue affects Mediawiki - SecurePoll...

9.8CVSS0.00456EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/04 5:34 p.m.3 views

CVE-2025-53484 SecurePoll: Multiple locations vulnerable to Cross-Site Scripting (XSS) via unescaped input

User-controlled inputs are improperly escaped in: VotePage.php poll option input ResultPage::getPagesTab and getErrorsTab user-controllable page names This allows attackers to inject JavaScript and compromise user sessions under certain conditions. This issue affects Mediawiki - SecurePoll...

7.1AI score0.00456EPSS
Exploits0References3
CVE
CVE
added 2025/07/04 5:34 p.m.21 views

CVE-2025-53484

The CVE-2025-53484 affects the MediaWiki SecurePoll extension. Affected versions are 1.39.x before 1.39.13, 1.42.x before 1.42.7, and 1.43.x before 1.43.2. The root cause is improper escaping of user-controlled inputs in VotePage.php (poll option input) and in ResultPage’s getPagesTab() and getEr...

9.8CVSS6.5AI score0.00456EPSS
Exploits0References3
Rows per page
Query Builder