CVE-2021-31550
An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. Via crafted configuration variables, a malicious actor could introduce XSS payloads into various layers.
Date published : 2021-04-21
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Commentbox/+/651934/