CVE-2024-34500
Published May 5, 2024
Last updated 5 months ago
Overview
- Description
- An issue was discovered in the UnlinkedWikibase extension in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. XSS can occur through an interface message. Error messages (in the $err var) are not escaped before being passed to Html::rawElement() in the getError() function in the Hooks class.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
Social media
- Hype score
- Not currently trending