VYPR

ProofreadPage

by MediaWiki

CVEs (2)

  • CVE-2023-45373Oct 9, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators.

  • CVE-2023-37305Jun 30, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces.