MediaWiki Shortdescription
By the Year
In 2023 there have been 0 vulnerabilities in MediaWiki Shortdescription . Last year Shortdescription had 1 security vulnerability published. Right now, Shortdescription is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 1 | 6.10 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Shortdescription vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MediaWiki Shortdescription Security Vulnerabilities
ShortDescription is a MediaWiki extension that provides local short description support
CVE-2022-21710
6.1 - Medium
- January 24, 2022
ShortDescription is a MediaWiki extension that provides local short description support. A cross-site scripting (XSS) vulnerability exists in versions prior to 2.3.4. On a wiki that has the ShortDescription enabled, XSS can be triggered on any page or the page with the action=info parameter, which displays the shortdesc property. This is achieved using the wikitext `{{SHORTDESC:<img src=x onerror=alert()>}}`. This issue has a patch in version 2.3.4.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MediaWiki Shortdescription or by MediaWiki? Click the Watch button to subscribe.
