CVE-2024-34507 | MediaWiki up to 1.39.6/1.40.2/1.41.0 CommentParser.php cross site scripting

Posted by Angelo Barbosa | May 5, 2024 | CVE

A vulnerability classified as problematic has been found in MediaWiki up to 1.39.6/1.40.2/1.41.0. This affects an unknown part of the file includes/CommentFormatter/CommentParser.php. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-34507. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34507 | MediaWiki up to 1.39.6/1.40.2/1.41.0 CommentParser.php cross site scripting

Related Posts

CVE-2023-30968 | Palantir Gotham Gaia cross site scripting

CVE-2024-35676 | wpecommerce Recurring PayPal Donations Plugin up to 1.7 on WordPress cross site scripting

CVE-2024-0300 | Beijing Baichuo Smart S150 Management Platform up to 20240101 HTTP POST Request userattestation.php web_img unrestricted upload

CVE-2024-4072 | Kashipara Online Furniture Shopping Ecommerce Website 1.0 search.php txtSearch cross site scripting