Количество 2
Количество 2
CVE-2022-34491
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-29969. Reason: This candidate is a duplicate of CVE-2022-29969. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2022-29969 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
GHSA-7m3f-x5vh-v652
In the RSS extension for MediaWiki through 1.38.1, when the $wgRSSAllowLinkTag config variable was set to true, and a new RSS feed was created with certain XSS payloads within its description tags and added to the $wgRSSUrlWhitelist config variable, stored XSS could occur via MediaWiki's template system whenever that feed was loaded via the rss document tag.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-34491 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-29969. Reason: This candidate is a duplicate of CVE-2022-29969. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2022-29969 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | больше 3 лет назад | ||
| GHSA-7m3f-x5vh-v652 In the RSS extension for MediaWiki through 1.38.1, when the $wgRSSAllowLinkTag config variable was set to true, and a new RSS feed was created with certain XSS payloads within its description tags and added to the $wgRSSUrlWhitelist config variable, stored XSS could occur via MediaWiki's template system whenever that feed was loaded via the rss document tag. | больше 3 лет назад |
Уязвимостей на страницу