Bug 2279233 (CVE-2024-34500) - CVE-2024-34500 mediawiki: XSS through interface message in UnlinkedWikibase
Summary: CVE-2024-34500 mediawiki: XSS through interface message in UnlinkedWikibase
Keywords:
Status: NEW
Alias: CVE-2024-34500
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2279234
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-05-06 04:02 UTC by Avinash Hanwate
Modified: 2024-05-06 04:02 UTC (History)
0 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Avinash Hanwate 2024-05-06 04:02:00 UTC
An issue was discovered in the UnlinkedWikibase extension in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. XSS can occur through an interface message. Error messages (in the $err var) are not escaped before being passed to Html::rawElement() in the getError() function in the Hooks class.

https://gerrit.wikimedia.org/r/c/mediawiki/extensions/UnlinkedWikibase/+/1002175
https://phabricator.wikimedia.org/T357203

Comment 1 Avinash Hanwate 2024-05-06 04:02:15 UTC
Created mediawiki tracking bugs for this issue:

Affects: fedora-all [bug 2279234]


Note You need to log in before you can comment on or make changes to this bug.