Unrated severityNVD Advisory· Published Nov 17, 2022· Updated Apr 25, 2025
CVE-2022-42985
CVE-2022-42985
Description
The ScratchLogin extension through 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform cross-site scripting (XSS).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MediaWiki/ScratchLogindescription
- Range: <=1.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.