Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43691
HistoryOct 10, 2023 - 1:54 a.m.

Cross-site Scripting (XSS)

2023-10-1001:54:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
cross-site scripting
mediawiki
vulnerability
arbitrary code
web page
user data
computer control

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

19.7%

mediawiki is vulnerable to Cross-site Scripting (XSS). The vulnerability allows an attacker to inject arbitrary code into a web page, potentially allowing them to steal user data or take control of the user’s computer.

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

19.7%