Medium severity6.1NVD Advisory· Published Nov 27, 2019· Updated Jun 17, 2026
CVE-2019-19328
CVE-2019-19328
Description
ui/editor/tooltip/Rdf.js in Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07 allows HTML injection in tooltips for entities. NOTE: this GUI code is no longer bundled with the Wikibase Wikidata Query Service snapshots, such as 0.3.6-SNAPSHOT.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Wikibase/Wikibase Wikidata Query Service GUIdescription
- Range: <0.3.6-SNAPSHOT 2019-11-07
- Range: <0.3.6-SNAPSHOT 2019-11-07
Patches
Vulnerability mechanics
References
3- gerrit.wikimedia.org/g/wikidata/query/gui/+/270f833cff8fdc1e050230ecc9f7dfc4d090d90dnvdMailing ListPatchVendor Advisory
- gerrit.wikimedia.org/r/nvdMailing ListPatchVendor Advisory
- lists.wikimedia.org/pipermail/wikidata-tech/2019-November/001503.htmlnvdMailing ListPatchVendor Advisory
News mentions
0No linked articles in our index yet.