Description
Cross-site scripting (XSS) vulnerability in the Hovercards extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors related to text extracts.
Remediation
References
Related Vulnerabilities
Moodle Missing Authorization Vulnerability (CVE-2024-48898)
MediaWiki Other Vulnerability (CVE-2005-0536)
Oracle HTTP Server CVE-2022-21375 Vulnerability (CVE-2022-21375)
WordPress Plugin GiveWP-Donation and Fundraising Platform PHP Object Injection (2.3.0)
WordPress Plugin WebLibrarian Cross-Site Scripting (3.4.8.6)