VYPR

MobileFrontend

by MediaWiki

CVEs (3)

  • CVE-2020-26120Sep 27, 2020
    risk 0.00cvss epss 0.01

    XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image…

  • CVE-2019-15124Mar 19, 2020
    risk 0.00cvss epss 0.01

    In the MobileFrontend extension for MediaWiki, XSS exists within the edit summary field of the watchlist feed. This affects REL1_31, REL1_32, and REL1_33.

  • CVE-2019-14807Aug 9, 2019
    risk 0.00cvss epss 0.01

    In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php.