CVE-2021-46146
10.01.2022, 14:11
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The WikibaseMediaInfo component is vulnerable to XSS via the caption fields for a given media file.
| Vendor | Product | Version |
|---|---|---|
| mediawiki | mediawiki | 𝑥 < 1.35.5 |
| mediawiki | mediawiki | 1.36.0 ≤ 𝑥 < 1.36.3 |
| mediawiki | mediawiki | 1.37.0 ≤ 𝑥 < 1.37.1 |
𝑥
= Vulnerable software versions