2279233 – (CVE-2024-34500) CVE-2024-34500 mediawiki: XSS through interface message in UnlinkedWikibase

Bug 2279233 (CVE-2024-34500) - CVE-2024-34500 mediawiki: XSS through interface message in UnlinkedWikibase

Summary: CVE-2024-34500 mediawiki: XSS through interface message in UnlinkedWikibase

Keywords:
Status:	NEW
Alias:	CVE-2024-34500
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2279234
Blocks:
TreeView+	depends on / blocked

Reported:	2024-05-06 04:02 UTC by Avinash Hanwate
Modified:	2024-05-06 04:02 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Avinash Hanwate 2024-05-06 04:02:00 UTC

An issue was discovered in the UnlinkedWikibase extension in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. XSS can occur through an interface message. Error messages (in the $err var) are not escaped before being passed to Html::rawElement() in the getError() function in the Hooks class.

https://gerrit.wikimedia.org/r/c/mediawiki/extensions/UnlinkedWikibase/+/1002175
https://phabricator.wikimedia.org/T357203

Comment 1 Avinash Hanwate 2024-05-06 04:02:15 UTC

Created mediawiki tracking bugs for this issue:

Affects: fedora-all [bug 2279234]

Note You need to log in before you can comment on or make changes to this bug.