Description
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DSA |
DSA-5447-1 | mediawiki security update |
EUVD |
EUVD-2023-40618 | An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature. |
References
History
Thu, 05 Dec 2024 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-12-05T15:25:03.755Z
Reserved: 2023-06-26T00:00:00.000Z
Link: CVE-2023-36675
Updated: 2024-08-02T16:52:54.186Z
Status : Modified
Published: 2023-06-26T01:15:09.203
Modified: 2026-06-17T06:06:48.830
Link: CVE-2023-36675
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Debian DSA
EUVD