漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Citizen has a Stored Cross-Site Scripting Vulnerability by editing MediaWiki:Tagline
Vulnerability Description
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page `MediaWiki:Tagline` has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the `editinterface` permission, or sysops). This vulnerability is fixed in 2.16.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Citizen 安全漏洞
Vulnerability Description
Citizen是Star Citizen Wiki团队的一款美观、易用、响应迅速的MediaWiki皮肤。 Citizen 2.16.0之前版本存在安全漏洞,该漏洞源于页面内容未经过转义,攻击者可以注入自定义HTML。
CVSS Information
N/A
Vulnerability Type
N/A