An issue was discovered in the Phonos extension in MediaWiki before 1.40.2. PhonosButton.js allows i18n-based XSS via the phonos-purge-needed-error message.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-01-12T00:00:00
Updated: 2024-08-01T22:59:31.836Z
Reserved: 2024-01-12T00:00:00
Link: CVE-2024-23178
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-12T06:15:47.337
Modified: 2024-01-18T20:22:07.447
Link: CVE-2024-23178
Redhat
No data.