Vulnerabilities

CVE-2021-36131

by Fred · 02/07/2021

An XSS issue was discovered in the SportsTeams extension in MediaWiki through 1.36. Within several special pages, a privileged user could inject arbitrary HTML and JavaScript within various data fields. The attack could easily propagate across many pages for many users.

Date published : 2021-07-02

https://gerrit.wikimedia.org/r/q/Ic312cc9b8463c8e7c3298a661abfcff2cc2332cb

https://phabricator.wikimedia.org/T281196

Similar

Tags: Cybersecurity Alert