Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2023-36675 - CERT CVE
CVE-2023-36675
ID
CVE-2023-36675
Sažetak
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.
Reference
https://phabricator.wikimedia.org/T332889
https://www.mediawiki.org/wiki/Release_notes/1.40#Other_changes_in_1.40
https://www.debian.org/security/2023/dsa-5447
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/
CVSS
Base:
6.1
Impact:
2.7
Exploitability:
2.8
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
-
Impact
Povjerljivost
Cjelovitost
Dostupnost
LOW
LOW
NONE
CVSS vektor
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Zadnje važnije ažuriranje
07-11-2023 - 04:16
Objavljeno
26-06-2023 - 01:15