CVE-2024-34500 | MediaWiki up to 1.39.5/1.40.1/1.41.0 UnlinkedWikibase Extension Html::rawElement err cross site scripting

Posted by Angelo Barbosa | May 5, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in MediaWiki up to 1.39.5/1.40.1/1.41.0. This issue affects the function Html::rawElement of the component UnlinkedWikibase Extension. The manipulation of the argument err leads to cross site scripting.

The identification of this vulnerability is CVE-2024-34500. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34500 | MediaWiki up to 1.39.5/1.40.1/1.41.0 UnlinkedWikibase Extension Html::rawElement err cross site scripting

Related Posts

CVE-2024-4642 | wandb Webhook server-side request forgery

CVE-2024-25098 | PB oEmbed HTML5 Audio Plugin up to 2.6 on WordPress Shortcode cross site scripting

CVE-2024-37742 | Safe Exam Browser up to 3.5 on Windows Clipboard Management information disclosure

CVE-2024-2887 | Google Chrome prior 123.0.6312.86 WebAssembly type confusion