MediaWiki Cargo XSS in Special:CargoQuery (<=1.39.3)
CVE-2023-37254 Published on June 29, 2023

An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. XSS can occur in Special:CargoQuery via a crafted page item when using the default format.

NVD

Products Associated with CVE-2023-37254

stack.watch emails you whenever new vulnerabilities are published in MediaWiki or MediaWiki Cargo. Just hit a watch button to start following.

MediaWiki

MediaWiki Cargo

Exploit Probability

EPSS

0.14%

Percentile

34.61%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

MediaWiki Cargo XSS in Special:CargoQuery (<=1.39.3)CVE-2023-37254 Published on June 29, 2023

Products Associated with CVE-2023-37254

Exploit Probability

MediaWiki Cargo XSS in Special:CargoQuery (<=1.39.3)
CVE-2023-37254 Published on June 29, 2023