CVE-2023-45373 Information

Description

An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators.

Reference

https://gerrit.wikimedia.org/r/c/mediawiki/extensions/ProofreadPage/+/961262 https://phabricator.wikimedia.org/T345693