7 matches found

Veracode
added 2025/12/13 6:31 a.m. | 4 views

Stored Cross Site Scripting (XSS)

starcitizentools/citizen-skin is vulnerable to stored Cross-Site Scripting (XSS). The vulnerability is due to improper handling of system message content in the sticky header, where innerHTML is assigned from user-editable message text, which allows an attacker with interface message edit privilege...

CVSS 6.5 | AI score 6.5 | EPSS 0.00033
Exploits: 0 | References: 5 | Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-18204

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.3 | EPSS 0.00202
Exploits: 1 | References: 4
CNNVD
added 2025/07/03 12:0 a.m. | 1 views

StarCitizenTools Mediawiki Extensions ShortDescription Cross-Site Scripting Vulnerability

StarCitizenTools Mediawiki Extensions ShortDescription is a StarCitizenTools open source extension with wiki projects. A cross-site scripting vulnerability exists in StarCitizenTools Mediawiki Extensions ShortDescription version 4.0.0, which stems from a short description not being sanitized...

CVSS 8.6 | AI score 5.8 | EPSS 0.00363
Exploits: 0 | References: 2
Veracode
added 2025/06/17 6:18 a.m. | 2 views

HTML Injection

starcitizentools/citizen-skin is vulnerable to Arbitrary HTML injection. The vulnerability is due to system messages being inserted into the DOM as raw HTML, allowing users with editinterface rights to inject content without needing editsitejs permissions...

CVSS 6.5 | AI score 6.6 | EPSS 0.00156
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2025/06/13 2:7 p.m. | 2 views

GHSA-86XF-2MGP-GV3G starcitizentools/citizen-skin allows stored XSS in search no result messages

Summary: The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details: The system messages are inserted as raw HTML by the mustache template:...

CVSS 6.5 | AI score 7 | EPSS 0.00156
Exploits: 1 | References: 5
Cvelist
added 2024/09/30 5:9 p.m. | 17 views

CVE-2024-47536 starcitizentools/citizen-skin vulnerable to stored, self-XSS in the "real name" field

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their "real name" to an XSS payload. This vulnerability is fixed in 2.31.0...

CVSS 4.8 | EPSS 0.00803
Exploits: 1 | References: 4
Vulnrichment
added 2024/09/30 5:9 p.m. | 16 views

CVE-2024-47536 starcitizentools/citizen-skin vulnerable to stored, self-XSS in the "real name" field

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their "real name" to an XSS payload. This vulnerability is fixed in 2.31.0...

CVSS 4.8 | AI score 6 | EPSS 0.00803
Exploits: 1 | References: 4