Security Advisory

CVE-2019-19329

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-27 15:28:10

Last updated 2024-08-05 02:16:46

Assigner mitre

State PUBLISHED

Description

In Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07, when mathematical expressions in results are displayed directly, arbitrary JavaScript execution can occur, aka XSS. This was addressed by introducing MathJax as a new mathematics rendering engine. NOTE: this GUI code is no longer bundled with the Wikibase Wikidata Query Service snapshots, such as 0.3.6-SNAPSHOT.

← Browse all CVEs View on cve.org ↗