VYPR

ExpandTemplates

by MediaWiki

CVEs (1)

  • CVE-2014-9478Jan 16, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the preview in the ExpandTemplates extension for MediaWiki, when $wgRawHTML is set to true, allows remote attackers to inject arbitrary web script or HTML via the wpInput parameter to the Special:ExpandTemplates page.