CVE-2022-42985 The ScratchLogin extension through 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform XSS attacks.

These messages are displayed as HTML instead of the expected warning banner. To exploit this vulnerability, a user with administrator privileges could embed malicious JavaScript code in the message.

Extension developers are encouraged to review the source of their extensions to confirm that user input is not being cut and pasted from the browser console.
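The pattern behind this class of bug, and its fix, in the form a MediaWiki extension developer would review for. This is an added illustration written for this page, not the ScratchLogin extension's own code; the message key `scratchlogin-verify-failed`, the `VerificationResult` class and the `$reason` sample value are assumptions, and the MediaWiki calls used (`wfMessage()`, `Message::text()`, `Message::escaped()`, `OutputPage::addHTML()`, `Html::warningBox()`) are the standard core APIs.

```php
<?php
// Added example, not the ScratchLogin extension's code.
// Assumed (hypothetical): a SpecialPage whose $out is an OutputPage, a
// message key 'scratchlogin-verify-failed' taking one parameter, and a
// $reason string that an administrator or a remote service can influence.

class VerificationResult {
    /** Constructed sample: a failure reason that happens to contain markup. */
    public $reason = 'expected code <1234> but received "<abc>"';
}

/**
 * Vulnerable form: the message is rendered as plain text and then handed
 * to addHTML(), so any markup inside $reason becomes live HTML and any
 * script it carries runs in the viewing user's browser (stored XSS).
 */
function showFailureVulnerable( OutputPage $out, VerificationResult $result ) {
    $msg = wfMessage( 'scratchlogin-verify-failed', $result->reason )->text();
    $out->addHTML( $msg );   // BUG: unescaped text inserted as raw HTML
}

/**
 * Fixed form: escaped() HTML-escapes the fully rendered message, including
 * its parameters, so $reason is shown literally. Wrapping it in
 * Html::warningBox() produces the warning banner users expect.
 */
function showFailureFixed( OutputPage $out, VerificationResult $result ) {
    $safe = wfMessage( 'scratchlogin-verify-failed', $result->reason )->escaped();
    $out->addHTML( Html::warningBox( $safe ) );
}

/**
 * When a raw string reaches the output path without going through the
 * message system, escape it explicitly before it touches addHTML().
 */
function escapeForOutput( string $untrusted ): string {
    return htmlspecialchars( $untrusted, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
}
```

When reviewing an extension, the check is mechanical: every `addHTML()` argument must be built from `->escaped()`, `->parse()`, `Html::element()`, or `htmlspecialchars()`, never from `->text()`, `->plain()`, or a string concatenated from request or database values. `Message::parse()` runs the text through the wikitext sanitizer rather than escaping it, so it is acceptable only where limited markup in the message itself is intended.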

CVE-2023-42986

Critical: Arbitrary code execution vulnerability

An arbitrary JavaScript execution vulnerability has been discovered in the extension. The vulnerability is triggered when a user clicks on an embedded link that points to a website controlled by an attacker. To exploit this vulnerability, the user must have administrator privileges and the message being sent must have HTML content.
