8 matches found
CVE-2024-40600
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...
Cross-Site Scripting (XSS)
mediawiki/metrolook-skin is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input sanitization in MediaWiki top-level menu entries, allowing attackers to inject and execute arbitrary script code...
BIT-MEDIAWIKI-2024-40600
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...
CVE-2024-40600
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...
CVE-2024-40600
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...
CVE-2024-40600
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...
CVE-2024-40600
Affected software: Metrolook skin for MediaWiki up to version 1.42.1. Vulnerability: stored XSS via MediaWiki:Sidebar top-level menu entries. Impact: can lead to execution of arbitrary script in a victim’s browser; exploitation details are not provided in the documents. Root cause: improper handl...
PT-2024-28936 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki Metrolook skin versions through 1.42.1 Description: An issue was discovered in the Metrolook skin for MediaWiki, where there is stored XSS via MediaWiki:Sidebar top-level menu entries. Recommendations: For versions through 1.42.1,...