Scratch-Wiki: >> Scratch Login >> 1.1 Security Vulnerabilities
The ScratchLogin extension through 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform cross-site scripting (XSS).
CVSS Score
4.8
EPSS Score
0.001
Published
2022-11-17