Lucene search
K

4 matches found

NVD
NVD
added 2021/10/06 9:15 p.m.15 views

CVE-2021-42043

An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text a parameter to mediasearch-did-you-mean was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the intitle: search operator...

6.1CVSS0.00726EPSS
Exploits0References2
Prion
Prion
added 2021/10/06 9:15 p.m.13 views

Design/Logic Flaw

An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text a parameter to mediasearch-did-you-mean was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the intitle: search operator...

4.3CVSS6.5AI score0.00726EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/10/06 8:28 p.m.62 views

CVE-2021-42043

The CVE-2021-42043 entry concerns MediaWiki’s Special:MediaSearch in the MediaSearch extension up to version 1.36.2. The bug is caused by improper sanitization of the suggestion text parameter to mediasearch-did-you-mean, enabling injection/execution of HTML and JavaScript via the intitle: search...

6.1CVSS6.4AI score0.00726EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/10/06 8:28 p.m.19 views

CVE-2021-42043

An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text a parameter to mediasearch-did-you-mean was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the intitle: search operator...

6.6AI score0.00726EPSS
Exploits0References2
Rows per page
Query Builder