Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

StarCitizenTools — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting StarCitizenTools. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by StarCitizenTools:mediawiki-skins-Citizenmediawiki-extensions-ShortDescriptionmediawiki-extensions-TabberNeue
CVE IDTitleCVSSSeverityPublished
CVE-2025-62508 Citizen vulnerable to stored XSS in sticky header button messages — mediawiki-skins-CitizenCWE-79 6.5 Medium2025-10-17
CVE-2025-53369 Citizen Short Description stored XSS vulnerability through wikitext — mediawiki-extensions-ShortDescriptionCWE-79 8.6 High2025-07-03
CVE-2025-53370 Citizen stored XSS vulnerability through short descriptions — mediawiki-skins-CitizenCWE-79 8.6 High2025-07-03
CVE-2025-53368 Citizen is vulnerable to stored XSS attack in the legacy search bar — mediawiki-skins-CitizenCWE-79 8.6 High2025-07-03
CVE-2025-53093 TabberNeue vulnerable to Stored XSS through wikitext — mediawiki-extensions-TabberNeueCWE-79 8.6 High2025-06-27
CVE-2025-49576 Citizen allows stored XSS in search no result messages — mediawiki-skins-CitizenCWE-79 6.5 Medium2025-06-12
CVE-2025-49578 Citizen allows stored XSS in user registration date message — mediawiki-skins-CitizenCWE-79 6.5 Medium2025-06-12
CVE-2025-49579 Citizen allows stored XSS in menu heading message — mediawiki-skins-CitizenCWE-79 6.5 Medium2025-06-12
CVE-2025-49575 Citizen allows stored XSS in Command Palette tip messages — mediawiki-skins-CitizenCWE-79 6.5 Medium2025-06-12
CVE-2025-49577 Citizen allows stored XSS in preference menu headings — mediawiki-skins-CitizenCWE-79 6.5 Medium2025-06-12
CVE-2025-21612 Cross-site Scripting in TabberTransclude in Extension:TabberNeue — mediawiki-extensions-TabberNeueCWE-79 8.6 High2025-01-06
CVE-2024-47536 starcitizentools/citizen-skin vulnerable to stored, self-XSS in the "real name" field — mediawiki-skins-CitizenCWE-80 5.4 -2024-09-30
CVE-2024-36123 Citizen has a Stored Cross-Site Scripting Vulnerability by editing MediaWiki:Tagline — mediawiki-skins-CitizenCWE-79 6.5 Medium2024-06-03
CVE-2022-21710 Cross-site Scripting in ShortDescription extension — mediawiki-extensions-ShortDescriptionCWE-79 4.7 Medium2022-01-24

This page lists every published CVE security advisory associated with StarCitizenTools. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.