First published: Wed Dec 11 2019(Updated: )
The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mediawiki Visual Editor | <=1.34 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.