CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-14807

In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://gerrit.wikimedia.org/g/mediawiki/extensions/MobileFrontend/+/08dfc59771d0ed9b739a59bb521baf7f59d169f9
https://phabricator.wikimedia.org/T229541
https://gerrit.wikimedia.org/g/mediawiki/extensions/MobileFrontend/+/08dfc59771d0ed9b739a59bb521baf7f59d169f9
https://phabricator.wikimedia.org/T229541

Products affected by CVE-2019-14807

Mediawiki » Mobilefrontend » Version: 1.31.0

cpe:2.3:a:mediawiki:mobilefrontend:1.31.0
Mediawiki » Mobilefrontend » Version: 1.32.0

cpe:2.3:a:mediawiki:mobilefrontend:1.32.0
Mediawiki » Mobilefrontend » Version: 1.33.0

cpe:2.3:a:mediawiki:mobilefrontend:1.33.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-14807

Products

Pricing

Contact Us