Description

An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers.

Remediation

References

CVE-2023-45360

Related Vulnerabilities

WordPress Plugin Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3)

WordPress Plugin AB Press Optimizer Multiple Cross-Site Scripting Vulnerabilities (1.1.1)

WordPress 6.2.x Shortcode Execution (6.2 - 6.2.1)

Oracle JRE CVE-2013-1484 Vulnerability (CVE-2013-1484)

SharePoint Improper Input Validation Vulnerability (CVE-2009-3830)

Severity

Medium

Classification

CVE-2023-45360 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities