Security Advisory

CVE-2021-42047

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-06 20:48:01
Last updated 2024-08-04 03:22:25
Assigner mitre
State PUBLISHED

Description

An issue was discovered in the Growth extension in MediaWiki through 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can login with a mentor account and trigger an XSS payload (such as alert) via Growthexperiments-mentor-dashboard-mentee-overview-no-js-fallback.