First published: Fri Jul 02 2021(Updated: )
An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. Within several special pages, a privileged user could inject arbitrary HTML and JavaScript within various data fields. The attack could easily propagate across many pages for many users.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MediaWiki MediaWiki | <=1.36 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.