CNNVD-202507-321 Information
CNNVD ID
CNNVD-202507-321
Related CVE
- CNNVD Published: 2025-07-03
Description (Chinese)
Citizen是Star Citizen Wiki团队的一款美观、易用、响应迅速的MediaWiki皮肤。 Citizen 1.9.4至3.4.0之前版本存在跨站脚本漏洞,该漏洞源于旧搜索栏中页面描述未正确清理,可能导致跨站脚本攻击。
Description (English)
Citizen is a beautiful, easy-to-use and responsive MediaWiki skin of Star Citizen Wiki’s team. The pre-Citizen 1.9.4 to 3.4.0 version has a cross-site script loophole, which stems from an incorrect clean-up of the page description in the old search column, which may lead to a cross-site script attack.
Hazard Level
Medium
Vulnerability Type
跨站脚本
Affected Vendor
Star Citizen Wiki
Published
2025-07-03
Last Modified
2026-02-24
References
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases/tag/v3.4.0 https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-rq6g-6g94-jfr4 https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/aedbceb3380bb48db6b59e272fc187529c71c8ca https://nvd.nist.gov/vuln/detail/CVE-2025-53368
Patch
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases
Share on: