Количество 3
Количество 3
CVE-2023-37302
An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute).
CVE-2023-37302
An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute).
GHSA-fmrf-p77g-vv5c
MediaWiki Cross-site Scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-37302 An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute). | CVSS3: 6.1 | 2% Низкий | больше 2 лет назад |
 | CVE-2023-37302 An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute). | CVSS3: 6.1 | 2% Низкий | больше 2 лет назад |
| GHSA-fmrf-p77g-vv5c MediaWiki Cross-site Scripting vulnerability | CVSS3: 6.1 | 2% Низкий | больше 2 лет назад |
Уязвимостей на страницу