exploitDog

GHSA-3496-pjp5-xxqp

Опубликовано: 30 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript.

An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript.

Ссылки

EPSS

Процентиль: 53%

0.00304

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-42046

CVSS3: 6.1

nvd

больше 3 лет назад

An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript.

EPSS

Процентиль: 53%

0.00304

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79