CVE-2023-29134 Information

Description

An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. There is mishandling of backticks to smartSplit.

Reference

https://phabricator.wikimedia.org/T331362 https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/898722 https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/895774 https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/900133 https://phabricator.wikimedia.org/rECRG920f3c19a84175bcfe93f41ecf9f8cef32730f8e