Your submission was sent successfully! Close

CVE-2021-45474

Published: 24 December 2021

In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporter) allows XSS, as demonstrated by the clientUrl parameter.

Priority

Medium

CVSS 3 base score: 6.1

Status

Package Release Status
mediawiki
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)