2 matches found
PT-2026-42586
Summary A cross-site scripting XSS vulnerability exists in the application’s Markdown rendering logic. When user-supplied Markdown content is rendered, embedded raw HTML—including tags—is processed and injected into the resulting page without sanitization, allowing arbitrary JavaScript execution ...
Citizen 跨站脚本漏洞
Citizen is a beautiful, easy-to-use and responsive MediaWiki skin from the Star Citizen Wiki team. A cross-site scripting vulnerability exists in versions prior to Citizen 3.3.1, which stems from the insertion of raw HTML in CommandPaletteFooter, and could lead to arbitrary HTML injection...