Security Advisory

CVE-2019-12471

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-10 15:49:21

Last updated 2024-08-04 23:24:37

Assigner mitre

State PUBLISHED

Description

Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

← Browse all CVEs View on cve.org ↗