CVE-2024-47536

MEDIUM

starcitizen.tools/citizen < 2.31.0 - Stored Cross-Site Scripting via Real Name Field

Title source: llm

Description

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their "real name" to an XSS payload. This vulnerability is fixed in 2.31.0.

References (4)

Core 4

Core References

Exploit, Vendor Advisory x_refsource_confirm

https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-62r2-gcxr-426x

Patch x_refsource_misc

https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/717d16af35b10dab04d434aefddbf991fc8c168c

View Patch ZIP pw:eip

Patch x_refsource_misc

https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/86da3e07718c8d8da6f4310386fef85599606f9b

View Patch ZIP pw:eip

Product x_refsource_misc

https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/d45c3d69f30863f622f16eb40dd41d3ca943454a/includes/Components/CitizenComponentUserInfo.php#L137

Scores

CVSS v3 5.4

EPSS 0.0042

EPSS Percentile 33.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79 CWE-80

Status published

Products (2)

starcitizen.tools/citizen < 2.31.0

starcitizentools/citizen-skin 2.6.3 - 2.31.0Packagist

Published Sep 30, 2024

Tracked Since Feb 18, 2026