MediaWiki Cargo XSS in Special:CargoQuery (<=1.39.3)
CVE-2023-37254 Published on June 29, 2023

An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. XSS can occur in Special:CargoQuery via a crafted page item when using the default format.

NVD

Products Associated with CVE-2023-37254

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-37254 are published in these products:

MediaWiki

MediaWiki Cargo

Exploit Probability

EPSS

0.12%

Percentile

30.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

MediaWiki Cargo XSS in Special:CargoQuery (<=1.39.3)CVE-2023-37254 Published on June 29, 2023

Products Associated with CVE-2023-37254

Exploit Probability

MediaWiki Cargo XSS in Special:CargoQuery (<=1.39.3)
CVE-2023-37254 Published on June 29, 2023