Citizen@* Security Vulnerabilities and Issues — Citizen@* CVE List

Lucene search

Starcitizen.toolsCitizen*

7 matches found

CVE•added 2025/06/12 7:15 p.m.•36 views

CVE-2025-49575

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the editinterf...

6.5CVSS6.9AI score0.00039EPSS

CVE•added 2025/06/12 7:15 p.m.•35 views

CVE-2025-49577

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.

6.5CVSS6.3AI score0.00039EPSS

CVE•added 2025/06/12 7:15 p.m.•34 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has...

6.5CVSS6.3AI score0.00051EPSS

CVE•added 2025/06/12 7:15 p.m.•33 views

CVE-2025-49576

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability ...

6.5CVSS6.3AI score0.00039EPSS

CVE•added 2025/06/12 7:15 p.m.•33 views

CVE-2025-49578

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by Language::userDate are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the editinterf...

6.5CVSS6.3AI score0.00039EPSS

CVE•added 2025/07/03 8:15 p.m.•11 views

CVE-2025-53368

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, page descriptions are inserted into raw HTML without proper sanitization by the Citizen skin when using the old search bar. Any user with page editing privileges can insert cross-...

8.6CVSS5.6AI score0.00037EPSS

CVE•added 2025/07/03 8:15 p.m.•9 views

CVE-2025-53370

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page. ...

8.6CVSS6.5AI score0.00037EPSS