Reflected XSS Vulnerability in Semantic MediaWiki by Semantic MediaWiki
CVE-2022-48614

Currently unrated

Key Information:

Vendor: Semantic MediaWiki
Status: Semantic MediaWiki
Vendor: CVE Published:; 10 December 2023

🔔 Create Semantic MediaWiki Vulnerability Alert

What is CVE-2022-48614?

A vulnerability in Semantic MediaWiki before version 4.0.2 allows attackers to exploit reflected cross-site scripting (XSS) issues via unvalidated input in the 'Special:Ask' functionality. This could lead to unauthorized actions on behalf of the victim, including capturing session cookies or redirecting users to malicious sites. It is crucial for users to upgrade to the patched version to safeguard against such attacks.

References

https://github.com/SemanticMediaWiki/SemanticMediaWiki/is...

https://www.semantic-mediawiki.org/wiki/Semantic_MediaWik...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2023
Vulnerability Reserved
Dec 10, 2023

CVE-2022-48614 Data

JSON