ScratchLogin

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2022-42985	MediaWiki ScratchLogin		0.00	—	0.00		Nov 17, 2022	The ScratchLogin extension through 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform cross-site scripting (XSS).

CVE-2022-42985Nov 17, 2022
MediaWiki
ScratchLogin
risk 0.00cvss —epss 0.00
The ScratchLogin extension through 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform cross-site scripting (XSS).