CVE-2021-42047

An issue was discovered in the Growth extension in MediaWiki through 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can login with a mentor account and trigger an XSS payload (such as alert) via Growthexperiments-mentor-dashboard-mentee-overview-no-js-fallback.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GrowthExperiments/+/720088	Patch Vendor Advisory
https://phabricator.wikimedia.org/T289063	Patch Vendor Advisory
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GrowthExperiments/+/720088	Patch Vendor Advisory
https://phabricator.wikimedia.org/T289063	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:27

Type	Values Removed	Values Added
References	~~() https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GrowthExperiments/+/720088 - Patch, Vendor Advisory~~	() https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GrowthExperiments/+/720088 - Patch, Vendor Advisory
References	~~() https://phabricator.wikimedia.org/T289063 - Patch, Vendor Advisory~~	() https://phabricator.wikimedia.org/T289063 - Patch, Vendor Advisory

Information

Published : 2022-09-29 03:15

Updated : 2024-11-21 06:27

NVD link : CVE-2021-42047

Mitre link : CVE-2021-42047

CVE.ORG link : CVE-2021-42047

JSON object : View

Products Affected

mediawiki

mediawiki

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2021-42047", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2022-09-29T03:15:14.657", "references": [{"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GrowthExperiments/+/720088", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://phabricator.wikimedia.org/T289063", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GrowthExperiments/+/720088", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://phabricator.wikimedia.org/T289063", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the Growth extension in MediaWiki through 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can login with a mentor account and trigger an XSS payload (such as alert) via Growthexperiments-mentor-dashboard-mentee-overview-no-js-fallback."}, {"lang": "es", "value": "Se ha detectado un problema en la extensi\u00f3n Growth en MediaWiki versiones hasta 1.36.2. En cualquier Wiki con la funci\u00f3n Mentor Dashboard activada, los usuarios pueden iniciar sesi\u00f3n con una cuenta de mentor y desencadenar una carga \u00fatil de tipo XSS (como una alerta) por medio de Growthexperiments-mentor-dashboard-mentee-overview-no-js-fallback"}], "lastModified": "2024-11-21T06:27:08.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "852AD0A4-1F54-4352-8554-34DE96EF04D9", "versionEndIncluding": "1.36.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}