Vulnerabilities (CVE)

Filtered by vendor Wikimedia Subscribe
Filtered by product Parsoid
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-30458 1 Wikimedia 1 Parsoid 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x before 0.12.2. An attacker can send crafted wikitext that Utils/WTUtils.php will transform by using a <meta> tag, bypassing sanitization steps, and potentially allowing for XSS.