Unrated severityNVD Advisory· Published Mar 30, 2022· Updated Aug 3, 2024
CVE-2022-28202
CVE-2022-28202
Description
An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PT4CHJKOQOVMI65TSNZRNV6FIWU7SGZD/mitrevendor-advisory
- security.gentoo.org/glsa/202305-24mitrevendor-advisory
- www.debian.org/security/2022/dsa-5246mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2022/09/msg00027.htmlmitremailing-list
- phabricator.wikimedia.org/T297543mitre
News mentions
0No linked articles in our index yet.