First published: Mon May 02 2022(Updated: )
The RSS extension before 2022-04-29 for MediaWiki allows XSS via an rss element (if the feed is in $wgRSSUrlWhitelist and $wgRSSAllowLinkTag is true).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mediawiki Rss For Mediawiki | <2022-04-29 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.