CVE-2024-23177 | MediaWiki up to 1.40.1 WatchAnalytics Extension Special:PageStatistics page cross site scripting

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability was found in MediaWiki up to 1.40.1. It has been classified as problematic. This affects an unknown part of the file Special:PageStatistics of the component WatchAnalytics Extension. The manipulation of the argument page leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-23177. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23177 | MediaWiki up to 1.40.1 WatchAnalytics Extension Special:PageStatistics page cross site scripting

Related Posts

CVE-2024-42412 | ELECOM WAB-I1750-PS/WAB-S1167-PS up to 1.5.10 menu.cgi cross site scripting

CVE-2024-21626 | opencontainers runc up to 1.1.11 on Linux Internal File Descriptor file descriptor (GHSA-xr7r-f8xq-vfvv)

CVE-2023-6029 | EazyDocs Plugin up to 2.3.5 on WordPress cross-site request forgery

CVE-2023-47852 | Link Whisper Free Plugin up to 0.6.5 on WordPress sql injection