An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in SpecialCheckUserLog.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-01-12T00:00:00

Updated: 2024-08-01T22:59:31.839Z

Reserved: 2024-01-12T00:00:00

Link: CVE-2024-23172

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2024-01-12T05:15:10.187

Modified: 2024-01-18T20:23:36.063

Link: CVE-2024-23172

cve-icon Redhat

No data.