Citizen@* Security Vulnerabilities and Issues — Citizen@* CVE List

Lucene search

Starcitizen.toolsCitizen*

7 matches found

CVE•added 2024/06/03 3:15 p.m.•73 views

CVE-2024-36123

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page MediaWiki:Tagline has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the editinterface pe...

6.5CVSS6.2AI score0.00333EPSS

CVE•added 2024/09/30 5:15 p.m.•49 views

CVE-2024-47536

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their "real name" to an XSS payload. This vulnerability is fixed in 2.31.0.

5.4CVSS5.7AI score0.00056EPSS

CVE•added 2025/06/12 7:15 p.m.•37 views

CVE-2025-49575

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the editinterf...

6.5CVSS6.9AI score0.00039EPSS

CVE•added 2025/06/12 7:15 p.m.•36 views

CVE-2025-49577

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.

6.5CVSS6.3AI score0.00039EPSS

CVE•added 2025/06/12 7:15 p.m.•35 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has...

6.5CVSS6.3AI score0.00051EPSS

CVE•added 2025/06/12 7:15 p.m.•34 views

CVE-2025-49576

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability ...

6.5CVSS6.3AI score0.00039EPSS

CVE•added 2025/06/12 7:15 p.m.•34 views

CVE-2025-49578

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by Language::userDate are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the editinterf...

6.5CVSS6.3AI score0.00039EPSS