QwikSec

Security Database

CVE

CWE

Training

CVE-2024-47845

Published: Oct 5, 2024

Modified: Oct 7, 2024

PUBLISHED

Description

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.

Vendor	Product	Versions
The Wikimedia Foundation	Mediawiki - CSS Extension	affected `1.39.x - < 1.39.9` affected `1.41.x - < 1.41.3` affected `1.42.x - < 1.42.2`

Weaknesses (CWE)

References

https://phabricator.wikimedia.org/T368628

https://phabricator.wikimedia.org/T368594

https://gerrit.wikimedia.org/r/q/I6f38f4a8fc1dcd690ab27b8f18ce6ca903bacc53

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.