Packagist (Composer) package
wikimedia/parsoid
pkg:composer/wikimedia/parsoid
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-30458 | — | >= 0.12, < 0.12.2 | 0.12.2 | Apr 9, 2021 | An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x before 0.12.2. An attacker can send crafted wikitext that Utils/WTUtils.php will transform by using a tag, bypassing sanitization steps, and potentially allowing for XSS. |
- CVE-2021-30458Apr 9, 2021affected >= 0.12, < 0.12.2fixed 0.12.2
An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x before 0.12.2. An attacker can send crafted wikitext that Utils/WTUtils.php will transform by using a tag, bypassing sanitization steps, and potentially allowing for XSS.