VYPR

Growth

by MediaWiki

CVEs (2)

  • CVE-2021-42045Oct 6, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in SecurePoll in the Growth extension in MediaWiki through 1.36.2. Simple polls allow users to create alerts by changing their User-Agent HTTP header and submitting a vote.

  • CVE-2021-42047Oct 6, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in the Growth extension in MediaWiki through 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can login with a mentor account and trigger an XSS payload (such as alert) via Growthexperiments-mentor-dashboard-mentee-overview-no-js-fallba…