CNNVD-202507-323 Information
CNNVD ID
CNNVD-202507-323
Related CVE
- CNNVD Published: 2025-07-03
Description (Chinese)
StarCitizenTools Mediawiki Extensions ShortDescription是StarCitizenTools开源的一个用维基项目的扩展。 StarCitizenTools Mediawiki Extensions ShortDescription 4.0.0版本存在跨站脚本漏洞,该漏洞源于短描述未正确清理,可能导致任意HTML注入。
Description (English)
StarCitizenTools Mediawiki Express ShortDescription is an extension of a Wiki project from StarCitizenTools open source. The version 4.0.0 of StarCitizenTools Mediawiki Express ShortDescription contains a cross-site script loophole, which stems from the fact that the short description was not properly cleared and could lead to any type of HTML injection.
Hazard Level
Medium
Vulnerability Type
跨站脚本
Affected Vendor
StarCitizenTools
Published
2025-07-03
Last Modified
2026-02-24
References
https://github.com/StarCitizenTools/mediawiki-extensions-ShortDescription/commit/bc4fdbaeb1dff127fb6d08c0d385b64aa128c8f8 https://github.com/StarCitizenTools/mediawiki-extensions-ShortDescription/security/advisories/GHSA-p85q-mww9-gwqf
Patch
https://www.mediawiki.org/wiki/Extension:ShortDescription
Share on: