CVE-2024-47612

DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-failed)). If these messages are edited (which requires the (editinterface) right by default), anyone who can view Special:DataDump (which requires the (view-dump) right by default) can be XSSed. This vulnerability is fixed with 601688ee8e8808a23b102fa305b178f27cbd226d.

CVSS v3 3.5 LOW

3.5^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/miraheze/DataDump/commit/601688ee8e8808a23b102fa305b178f27cbd226d.patch
https://github.com/miraheze/DataDump/security/advisories/GHSA-h8x8-24c7-r2rj
https://issue-tracker.miraheze.org/T12670

Configurations

No configuration.

History

04 Oct 2024, 13:50

Type	Values Removed	Values Added
Summary		(es) DataDump es una extensión de MediaWiki que proporciona volcados de wikis. Varios mensajes de interfaz no tienen caracteres de escape (más específicamente, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-failed)). Si se editan estos mensajes (lo que requiere el derecho (editinterface) de forma predeterminada), cualquiera que pueda ver Special:DataDump (que requiere el derecho (view-dump) de forma predeterminada) puede ser víctima de XSS. Esta vulnerabilidad se corrige con 601688ee8e8808a23b102fa305b178f27cbd226d.

02 Oct 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-02 15:15

Updated : 2024-10-04 13:50

NVD link : CVE-2024-47612

Mitre link : CVE-2024-47612

CVE.ORG link : CVE-2024-47612

JSON object : View

Products Affected

No product.

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-80

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

{"id": "CVE-2024-47612", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 0.9}]}, "published": "2024-10-02T15:15:15.133", "references": [{"url": "https://github.com/miraheze/DataDump/commit/601688ee8e8808a23b102fa305b178f27cbd226d.patch", "source": "security-advisories@github.com"}, {"url": "https://github.com/miraheze/DataDump/security/advisories/GHSA-h8x8-24c7-r2rj", "source": "security-advisories@github.com"}, {"url": "https://issue-tracker.miraheze.org/T12670", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-80"}]}], "descriptions": [{"lang": "en", "value": "DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-failed)). If these messages are edited (which requires the (editinterface) right by default), anyone who can view Special:DataDump (which requires the (view-dump) right by default) can be XSSed. This vulnerability is fixed with 601688ee8e8808a23b102fa305b178f27cbd226d."}, {"lang": "es", "value": "DataDump es una extensi\u00f3n de MediaWiki que proporciona volcados de wikis. Varios mensajes de interfaz no tienen caracteres de escape (m\u00e1s espec\u00edficamente, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-failed)). Si se editan estos mensajes (lo que requiere el derecho (editinterface) de forma predeterminada), cualquiera que pueda ver Special:DataDump (que requiere el derecho (view-dump) de forma predeterminada) puede ser v\u00edctima de XSS. Esta vulnerabilidad se corrige con 601688ee8e8808a23b102fa305b178f27cbd226d."}], "lastModified": "2024-10-04T13:50:43.727", "sourceIdentifier": "security-advisories@github.com"}

3.5 /10