Lucene search

K
Starcitizen.toolsCitizen

8 matches found

CVE
CVE
added 2024/06/03 3:15 p.m.71 views

CVE-2024-36123

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page MediaWiki:Tagline has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the editinterface pe...

6.5CVSS6.2AI score0.00104EPSS
CVE
CVE
added 2025/06/12 7:15 p.m.35 views

CVE-2025-49575

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the editinterf...

6.5CVSS6.9AI score0.00042EPSS
CVE
CVE
added 2025/06/12 7:15 p.m.34 views

CVE-2025-49577

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.

6.5CVSS6.3AI score0.00042EPSS
CVE
CVE
added 2025/06/12 7:15 p.m.33 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has...

6.5CVSS6.3AI score0.00042EPSS
CVE
CVE
added 2025/06/12 7:15 p.m.32 views

CVE-2025-49576

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability ...

6.5CVSS6.3AI score0.00042EPSS
CVE
CVE
added 2025/06/12 7:15 p.m.31 views

CVE-2025-49578

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by Language::userDate are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the editinterf...

6.5CVSS6.3AI score0.00042EPSS
CVE
CVE
added 2025/07/03 8:15 p.m.11 views

CVE-2025-53368

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, page descriptions are inserted into raw HTML without proper sanitization by the Citizen skin when using the old search bar. Any user with page editing privileges can insert cross-...

8.6CVSS5.6AI score0.00063EPSS
CVE
CVE
added 2025/07/03 8:15 p.m.9 views

CVE-2025-53370

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page. ...

8.6CVSS6.5AI score0.00063EPSS