Описание
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki - UploadWizard extension allows Cross-Site Scripting (XSS).This issue affects MediaWiki - UploadWizard extension: 1.45, 1.44, 1.43, 1.39.
Ссылки
- Patch
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:wikimedia:mediawiki-extensions-uploadwizard:1.39:*:*:*:*:*:*:*
cpe:2.3:a:wikimedia:mediawiki-extensions-uploadwizard:1.43:*:*:*:*:*:*:*
cpe:2.3:a:wikimedia:mediawiki-extensions-uploadwizard:1.44:*:*:*:*:*:*:*
cpe:2.3:a:wikimedia:mediawiki-extensions-uploadwizard:1.45:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00029
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
debian
около 1 месяца назад
Improper Neutralization of Input During Web Page Generation (XSS or 'C ...
CVSS3: 6.1
github
около 1 месяца назад
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki - UploadWizard extension allows Cross-Site Scripting (XSS).This issue affects MediaWiki - UploadWizard extension: 1.45, 1.44, 1.43, 1.39.
EPSS
Процентиль: 8%
0.00029
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79