CVE-2024-36123 - OpenCVE

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page `MediaWiki:Tagline` has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the `editinterface` permission, or sysops). This vulnerability is fixed in 2.16.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Starcitizentools	Mediawiki-skins-citizen

No data.

No data.

References

Link	Providers
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-03T14:17:08.664Z

Updated: 2024-08-02T03:30:13.034Z

Reserved: 2024-05-20T21:07:48.189Z

Link: CVE-2024-36123

Vulnrichment

Updated: 2024-06-04T19:20:18.686Z

NVD

Status : Awaiting Analysis

Published: 2024-06-03T15:15:08.843

Modified: 2024-06-03T19:23:17.807

Link: CVE-2024-36123

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-36123", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-05-20T21:07:48.189Z", "datePublished": "2024-06-03T14:17:08.664Z", "dateUpdated": "2024-08-02T03:30:13.034Z"}, "containers": {"cna": {"title": "Citizen has a Stored Cross-Site Scripting Vulnerability by editing MediaWiki:Tagline", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases"}], "affected": [{"vendor": "StarCitizenTools", "product": "mediawiki-skins-Citizen", "versions": [{"version": "< 2.16.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-03T14:17:08.664Z"}, "descriptions": [{"lang": "en", "value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page `MediaWiki:Tagline` has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the `editinterface` permission, or sysops). This vulnerability is fixed in 2.16.0.\n"}], "source": {"advisory": "GHSA-jhm6-qjhq-5mf9", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "starcitizentools", "product": "mediawiki-skins-citizen", "cpes": ["cpe:2.3:a:starcitizentools:mediawiki-skins-citizen:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.16.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-04T19:26:23.022882Z", "id": "CVE-2024-36123", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T19:47:48.363Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:13.034Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases"}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-36123", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-05-20T21:07:48.189Z", "datePublished": "2024-06-03T14:17:08.664Z", "dateUpdated": "2024-06-04T19:47:48.363Z"}, "containers": {"cna": {"title": "Citizen has a Stored Cross-Site Scripting Vulnerability by editing MediaWiki:Tagline", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201"}, {"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases", "tags": ["x_refsource_MISC"], "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases"}], "affected": [{"vendor": "StarCitizenTools", "product": "mediawiki-skins-Citizen", "versions": [{"version": "< 2.16.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-03T14:17:08.664Z"}, "descriptions": [{"lang": "en", "value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page `MediaWiki:Tagline` has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the `editinterface` permission, or sysops). This vulnerability is fixed in 2.16.0.\n"}], "source": {"advisory": "GHSA-jhm6-qjhq-5mf9", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-36123", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-04T19:26:23.022882Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:starcitizentools:mediawiki-skins-citizen:*:*:*:*:*:*:*:*"], "vendor": "starcitizentools", "product": "mediawiki-skins-citizen", "versions": [{"status": "affected", "version": "0", "lessThan": "2.16.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T19:20:18.686Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page `MediaWiki:Tagline` has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the `editinterface` permission, or sysops). This vulnerability is fixed in 2.16.0.\n"}, {"lang": "es", "value": "Citizen es un aspecto de MediaWiki que hace que las extensiones formen parte de una experiencia cohesiva. La p\u00e1gina `MediaWiki:Tagline` tiene su contenido usado sin escape, por lo que alguien con la capacidad de editar el espacio de nombres de MediaWiki (normalmente aquellos con el permiso `editinterface` o sysops) puede inyectar HTML personalizado (incluido Javascript). Esta vulnerabilidad se solucion\u00f3 en 2.16.0."}], "id": "CVE-2024-36123", "lastModified": "2024-06-03T19:23:17.807", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-06-03T15:15:08.843", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L190-L195"}, {"source": "security-advisories@github.com", "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/c11fbf67a99366d5a40ef880469b222679e3b475/includes/Components/CitizenComponentPageHeading.php#L197-L201"}, {"source": "security-advisories@github.com", "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4a43280242f33e54643087da4a7f40970d2640c9"}, {"source": "security-advisories@github.com", "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases"}, {"source": "security-advisories@github.com", "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}]}