First published: Wed Jan 08 2020(Updated: )
The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template (in the templates/search/PropertySuggestionsWidget.mustache+dom file).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MediaWiki MediaWiki | =1.35 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.