An issue exists in the ProofreadPage extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. XSS can occur via formatNumNoSeparators.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.40.0 |
||
mediawiki mediawiki |