Your submission was sent successfully! Close

CVE-2021-41798

Published: 11 October 2021

MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.

Priority

Medium

CVSS 3 base score: 6.1

Status

Package Release Status
mediawiki
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

trusty Does not exist

upstream
Released (1:1.35.4-1)
xenial Ignored
(out of standard support)