CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

OSV•added 2022/05/24 5:29 p.m.•5 views

GHSA-RJ9P-8JXJ-2CH4 MediaWiki Cross-site Scripting (XSS) vulnerability

An issue was discovered in MediaWiki 1.34.x before 1.34.3. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML...

6.1CVSS6.4AI score0.00371EPSS

Exploits0References8

Veracode•added 2020/12/06 4:19 a.m.•29 views

Cross-site Scripting (XSS)

MediaWiki is vulnerable to cross-site scripting XSS. Allowing an attacker to modify messages is include raw HTML which NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier...

6.1CVSS1.4AI score0.00371EPSS

Exploits0References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by