CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-47845

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.9%

CVSS Severity

CVSS v3 Score 8.2

References

https://gerrit.wikimedia.org/r/q/I6f38f4a8fc1dcd690ab27b8f18ce6ca903bacc53
https://phabricator.wikimedia.org/T368594
https://phabricator.wikimedia.org/T368628

Products affected by CVE-2024-47845

Wikimedia » Wikimedia-Extensions-Css » Version: Any

cpe:2.3:a:wikimedia:wikimedia-extensions-css:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47845

Products

Pricing

Contact Us