CVE-2014-2854

Semantictitle - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the SemanticTitle extension before 1.1.0 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (1)

[Patch] http://www.mediawiki.org/wiki/Extension:SemanticTitle#Version_1.1.0

Scores

EPSS 0.0022

EPSS Percentile 45.1%

Details

CWE

CWE-79

Status published

Products (2)

semantictitle_project/semantictitle

n/a/n/a

Published May 08, 2014

Tracked Since Feb 18, 2026