CVE-2023-22910 Information
Share on:
Jan 20, 2023
cve
Description
An issue was discovered in MediaWiki before 1.35.9 1.36.x through 1.38.x before 1.38.5 and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs capability.