Lucene search
Veracode Vulnerability DatabaseVERACODE:29944HistoryApr 10, 2021 - 4:38 a.m.
Cross-site Scripting (XSS)
2021-04-1004:38:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
0.001 Low
EPSS
Percentile
37.1%
mediawiki is vulnerable to cross-site scripting (XSS). An attacker can send crafted wikitext that Utils/WTUtils.php will transform by using a tag, bypassing sanitization steps, and potentially allowing for XSS.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mediawiki:sid | eq | 1:1.35.0-1 | |
| mediawiki:bullseye | eq | 1:1.35.0-1 |
Related
friendsofphp
friendsofphp
Parsoid comment fostering allows for inserting mostly arbitrary <meta> tags
2021-04-08 05:36:00
Parsoid comment fostering allows for inserting mostly arbitrary <meta> tags
2021-04-08 05:36:00
osv
osv
CVE-2021-30458
2021-04-09 07:15:16
debiancve
debiancve
CVE-2021-30458
2021-04-09 07:15:16
ubuntucve
ubuntucve
CVE-2021-30458
2021-04-09 00:00:00
cvelist
cvelist
CVE-2021-30458
2021-04-09 06:06:04
nvd
nvd
CVE-2021-30458
2021-04-09 07:15:16
prion
prion
Cross site scripting
2021-04-09 07:15:00
github
github
Wikimedia Parsoid vulnerable to Cross-site Scripting (XSS)
2022-05-24 17:47:02
cve
cve
CVE-2021-30458
2021-04-09 07:15:16
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2021-07-17 00:00:00
nessus
nessus
GLSA-202107-40 : MediaWiki: Multiple vulnerabilities
2022-01-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package mediawiki version 1.35.2-alt1
2021-04-24 00:00:00