An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in SpecialCheckUserLog.
History

Thu, 14 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-01-12T00:00:00

Updated: 2024-11-14T14:43:06.609Z

Reserved: 2024-01-12T00:00:00

Link: CVE-2024-23172

cve-icon Vulnrichment

Updated: 2024-08-01T22:59:31.839Z

cve-icon NVD

Status : Modified

Published: 2024-01-12T05:15:10.187

Modified: 2024-11-21T08:57:07.193

Link: CVE-2024-23172

cve-icon Redhat

No data.