Multiple cross-site scripting (XSS) vulnerabilities in...
Moderate severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Sep 1, 2015
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Jan 27, 2023
Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) wpSummary parameter to Special:FormEdit, the (2) "Template label (optional)" field in a form, or a (3) Field name in a template.
References