An issue was discovered in includes/CommentFormatter/CommentParser.php in MediaWiki before 1.39.7, 1.40.x before 1.40.3, and 1.41.x before 1.41.1. XSS can occur because of mishandling of the 0x1b character, as demonstrated by Special:RecentChanges#%1b0000000.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-05-05T00:00:00
Updated: 2024-08-02T02:51:11.465Z
Reserved: 2024-05-05T00:00:00
Link: CVE-2024-34507
Vulnrichment
Updated: 2024-08-02T02:51:11.465Z
NVD
Status : Awaiting Analysis
Published: 2024-05-05T19:15:07.307
Modified: 2024-11-21T09:18:49.997
Link: CVE-2024-34507
Redhat