Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-28202

Опубликовано: 30 мар. 2022
Источник: debian
EPSS Низкий

Описание

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mediawikifixed1:1.35.6-1package
mediawikipostponedstretchpackage

Примечания

  • https://phabricator.wikimedia.org/T297543

  • https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/YJNXKPV5Z56NSUQ4G3SXPDUIZG5EQ7UR/

EPSS

Процентиль: 67%
0.00527
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-28202

CVSS3: 6.1
ubuntu
почти 4 года назад

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.

redhat логотип

CVE-2022-28202

CVSS3: 6.1
redhat
почти 4 года назад

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.

nvd логотип

CVE-2022-28202

CVSS3: 6.1
nvd
почти 4 года назад

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.

github логотип

GHSA-5c63-m98j-vx6v

CVSS3: 6.1
github
почти 4 года назад

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.

EPSS

Процентиль: 67%
0.00527
Низкий