Skip to content

Commit 3608dc2

Browse files
advisory-database[bot]advisory-database[bot]
committed
1 parent 7c074ca commit 3608dc2

File tree

1 file changed

+46
-4
lines changed

1 file changed

+46
-4
lines changed

advisories/unreviewed/2022/05/GHSA-6h86-9r5g-f2h5/GHSA-6h86-9r5g-f2h5.json renamed to advisories/github-reviewed/2022/05/GHSA-6h86-9r5g-f2h5/GHSA-6h86-9r5g-f2h5.json

Lines changed: 46 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,55 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-6h86-9r5g-f2h5",
4-
"modified": "2022-05-17T04:07:54Z",
4+
"modified": "2024-11-01T23:10:24Z",
55
"published": "2022-05-17T04:07:54Z",
66
"aliases": [
77
"CVE-2014-2853"
88
],
9+
"summary": "Cross-site scripting vulnerability in includes/actions/InfoAction.php",
910
"details": "Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action.",
1011
"severity": [
1112

1213
],
1314
"affected": [
14-
15+
{
16+
"package": {
17+
"ecosystem": "Packagist",
18+
"name": "mediawiki/core"
19+
},
20+
"ranges": [
21+
{
22+
"type": "ECOSYSTEM",
23+
"events": [
24+
{
25+
"introduced": "0"
26+
},
27+
{
28+
"fixed": "1.21.9"
29+
}
30+
]
31+
}
32+
]
33+
},
34+
{
35+
"package": {
36+
"ecosystem": "Packagist",
37+
"name": "mediawiki/core"
38+
},
39+
"ranges": [
40+
{
41+
"type": "ECOSYSTEM",
42+
"events": [
43+
{
44+
"introduced": "1.22.0"
45+
},
46+
{
47+
"fixed": "1.22.6"
48+
}
49+
]
50+
}
51+
]
52+
}
1553
],
1654
"references": [
1755
{
@@ -30,6 +68,10 @@
3068
"type": "WEB",
3169
"url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=63251"
3270
},
71+
{
72+
"type": "PACKAGE",
73+
"url": "https://github.com/wikimedia/mediawiki"
74+
},
3375
{
3476
"type": "WEB",
3577
"url": "https://www.mediawiki.org/wiki/Release_notes/1.21#Changes_since_1.21.8"
@@ -60,8 +102,8 @@
60102
"CWE-79"
61103
],
62104
"severity": "MODERATE",
63-
"github_reviewed": false,
64-
"github_reviewed_at": null,
105+
"github_reviewed": true,
106+
"github_reviewed_at": "2024-11-01T23:10:24Z",
65107
"nvd_published_at": "2014-04-29T18:55:00Z"
66108
}
67109
}

0 commit comments

Comments
 (0)