exploitDog

GHSA-c5v4-mrjh-44fj

Опубликовано: 29 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In Special:CheckUser, a check of the "get edits" type is vulnerable to HTML injection through the User-Agent HTTP request header.

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In Special:CheckUser, a check of the "get edits" type is vulnerable to HTML injection through the User-Agent HTTP request header.

Ссылки

EPSS

Процентиль: 26%

0.0009

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-37255

CVSS3: 6.1

nvd

больше 2 лет назад

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In Special:CheckUser, a check of the "get edits" type is vulnerable to HTML injection through the User-Agent HTTP request header.

EPSS

Процентиль: 26%

0.0009

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79