RSS   Vulnerabilities for 'Parsoid'   RSS

2021-04-09
 
CVE-2021-30458

CWE-79
 

 
An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x before 0.12.2. An attacker can send crafted wikitext that Utils/WTUtils.php will transform by using a <meta> tag, bypassing sanitization steps, and potentially allowing for XSS.

 

 >>> Vendor: Wikimedia 3 Products
Wikidata query gui
Parsoid
Analytics-quarry-web


Copyright 2024, cxsecurity.com

 

Back to Top