Описание
An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-toggle-button-label is not escaped, but should be, because the line param can have markup.
EPSS
Процентиль: 37%
0.00163
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-116
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 1 года назад
An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-toggle-button-label is not escaped, but should be, because the line param can have markup.
CVSS3: 6.5
debian
больше 1 года назад
An issue was discovered in the Vector Skin component for MediaWiki bef ...
CVSS3: 6.5
github
больше 1 года назад
An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-toggle-button-label is not escaped, but should be, because the line param can have markup.
EPSS
Процентиль: 37%
0.00163
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-116