8 matches found
EUVD-2017-0718
Malware in sbrugna...
CVE-2022-2510
Cross-site Scripting XSS vulnerability in "Extension:ExtendedSearch" of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML XSS on page "Special:SearchCenter", using the search term in the URL...
DEBIAN-CVE-2021-41798
MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page...
UBUNTU-CVE-2021-41798
MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page...
Cross-site Scripting (XSS)
mediawiki/core is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the $date variable in the render function of FullSearchResultWidget.php as it does not properly escape the month-related MediaWiki messages before being used on the Special: Searc...
PT-2021-23411 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.36.2 Description: The issue allows for XSS due to month-related MediaWiki messages not being escaped before being used on the Special:Search results page. Recommendations: For versions prior to 1.36.2, update to...
UBUNTU-CVE-2017-0364
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Special:Search allows redirects to any interwiki link...
The vulnerability of the Firefox OS operating system allows a hacker to inject arbitrary HTML code.
The vulnerability of the Gaia Search app for the Firefox OS operating system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code through a special search request executed after the browser...