CVE-2024-23172

描述

An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in SpecialCheckUserLog.

受影響套件(1)

• Bitnami/mediawikifrom 0, < 1.41.1

CVSS 分數

參考連結(3)

• WEBhttps://gerrit.wikimedia.org/r/c/mediawiki/extensions/CheckUser/+/989179
• WEBhttps://nvd.nist.gov/vuln/detail/CVE-2024-23172
• WEBhttps://phabricator.wikimedia.org/T347708