Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.
| Vendor | Product | Versions |
|---|---|---|
| wikimedia foundation | mediawiki - cargo extension | 0, 3.8.6 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| open source | mediawiki | cert_advisory | 90% |
Updated affected versions to 3.8.6, changed severity to HIGH, and noted that no exploit exists.
Initial creation
