Mediawiki Score Extension
Monthly
Stored cross-site scripting (XSS) vulnerability in Mediawiki Score Extension allows unauthenticated remote attackers to inject malicious scripts that execute in the context of wiki pages, potentially compromising user sessions and enabling defacement or data theft. The vulnerability exists due to improper input neutralization during web page generation (CWE-79). Affected versions include 1.45.2, 1.43.7, and 1.44.4, with patches available from Wikimedia Foundation.
Stored cross-site scripting (XSS) vulnerability in Mediawiki Score Extension allows unauthenticated remote attackers to inject malicious scripts that execute in the context of wiki pages, potentially compromising user sessions and enabling defacement or data theft. The vulnerability exists due to improper input neutralization during web page generation (CWE-79). Affected versions include 1.45.2, 1.43.7, and 1.44.4, with patches available from Wikimedia Foundation.