CVE-2021-42048
MEDIUM4.8EPSS 0.22%發布日:2024/3/6修改日:2025/4/3
描述
An issue was discovered in the Growth extension in MediaWiki through 1.36.2. Any admin can add arbitrary JavaScript code to the Newcomer home page footer, which can be executed by viewers with zero edits.
受影響套件(1)
- Bitnami/mediawikifrom 0, < 1.36.3
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.8 | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |