Wikimedia mediawiki-extensions-I18nTags Unlike Parser I18nTags_body.php cross site scripting
A vulnerability was found in Wikimedia mediawiki-extensions-I18nTags and classified as problematic. This issue affects some unknown processing of the file I18nTags_body.php of the component Unlike Parser. The manipulation leads to cross site scripting. The CWE definition for the vulnerability is CWE-79. The weakness was published 01/05/2023 as b4bc3cbbb099eab50cf2b544cf577116f1867b94. The advisory is shared at github.com. The identification of this vulnerability is CVE-2018-25065. The attack may be initiated remotely. Technical details are available. There is no exploit available. The price for an exploit might be around USD $0-$5k at the moment. MITRE ATT&CK project uses the attack technique T1059.007 for this issue. It is declared as not defined. We expect the 0-day to have been worth approximately $0-$5k. The identifier of the patch is b4bc3cbbb099eab50cf2b544cf577116f1867b94. The bugfix is ready for download at github.com. It is recommended to apply a patch to fix this issue. A possible mitigation has been published before and not just after the disclosure of the vulnerability.