Cross-Site Scripting (XSS) Vulnerability in ProofreadPage Extension

Cross-Site Scripting (XSS) Vulnerability in ProofreadPage Extension

CVE-2023-45373 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators.

Learn more about our Web Application Penetration Testing UK.