CVE-2024-25107

{"id": "CVE-2024-25107", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2024-02-08T23:15:10.583", "references": [{"url": "https://github.com/miraheze/WikiDiscover/commit/267e763a0d7460f001693c42f67717a0fc3fd6bb", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/miraheze/WikiDiscover/security/advisories/GHSA-cfcf-94jv-455f", "tags": ["Patch", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://issue-tracker.miraheze.org/T11814", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/miraheze/WikiDiscover/commit/267e763a0d7460f001693c42f67717a0fc3fd6bb", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/miraheze/WikiDiscover/security/advisories/GHSA-cfcf-94jv-455f", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://issue-tracker.miraheze.org/T11814", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the `Language::date` function is used when making the human-readable timestamp for inclusion on the wiki_creation column. This function uses interface messages to translate the names of months and days. It uses the `->text()` output mode, returning unescaped interface messages. Since the output is not escaped later, the unescaped interface message is included on the output, resulting in an XSS vulnerability. Exploiting this on-wiki requires the `(editinterface)` right. This vulnerability has been addressed in commit `267e763a0`. Users are advised to update their installations. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "WikiDiscover es una extensi\u00f3n manipulada para usarse con una granja administrada CreateWiki para mostrar wikis. En Special:WikiDiscover, la funci\u00f3n `Language::date` se utiliza al crear la marca de tiempo legible por humanos para su inclusi\u00f3n en la columna wiki_creation. Esta funci\u00f3n utiliza mensajes de interfaz para traducir los nombres de meses y d\u00edas. Utiliza el modo de salida `->text()`, devolviendo mensajes de interfaz sin escape. Dado que la salida no se escapa m\u00e1s adelante, el mensaje de interfaz sin escape se incluye en la salida, lo que genera una vulnerabilidad XSS. Explotar este wiki requiere el derecho `(editinterface)`. Esta vulnerabilidad se ha solucionado en el commit `267e763a0`. Se recomienda a los usuarios que actualicen sus instalaciones. No se conocen workarounds para esta vulnerabilidad."}], "lastModified": "2024-11-21T09:00:16.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:miraheze:wikidiscover:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02EFBBB8-D7A9-4849-8269-FC4BEEC45608", "versionEndExcluding": "2023-02-08"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}