CVE-2024-23171

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-23171
An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:EventDetails page allows XSS via the x-xss language setting for internationalization (i18n).
CVSS

No CVSS.

References
Link Resource
https://phabricator.wikimedia.org/T348343
https://gerrit.wikimedia.org/r/q/I70d71c409193e904684dfb706d424b0a815fa6f6
Configurations

No configuration.

Information

Published : 2024-01-12 05:15

Updated : 2024-01-12 13:47

NVD link : CVE-2024-23171

Mitre link : CVE-2024-23171

JSON object : View

Products Affected

No product.

CWE

No CWE.