CVE-2023-37302 in MediaWikithông tin

Tóm tắt

Bởi MITRE • 30/06/2023

An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to lack of escaping in wbTemplate (from resources/wikibase/templates.js) for quotes (which can be in a title attribute).

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Nguồn

Do you know our Splunk app?

Download it now for free!