exploitDog

GHSA-m3h7-84mr-jh3r

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. Within several special pages, a privileged user could inject arbitrary HTML and JavaScript within various data fields. The attack could easily propagate across many pages for many users.

An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. Within several special pages, a privileged user could inject arbitrary HTML and JavaScript within various data fields. The attack could easily propagate across many pages for many users.

Ссылки

EPSS

Процентиль: 41%

0.00192

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-36131

CVSS3: 4.8

nvd

больше 4 лет назад

An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. Within several special pages, a privileged user could inject arbitrary HTML and JavaScript within various data fields. The attack could easily propagate across many pages for many users.

EPSS

Процентиль: 41%

0.00192

Низкий

CVE ID

Дефекты

CWE-79