CVE-2025-53369

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-53369
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-53369.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-53369
Aliases
Published
2025-07-03T20:15:23Z
Modified
2025-07-04T04:00:11Z
Summary
[none]
Details

Short Description is a MediaWiki extension that provides local short description support. In version 4.0.0, short descriptions are not properly sanitized before being inserted as HTML using mw.util.addSubtitle, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 4.0.1.

References

Affected packages

Git / github.com/starcitizentools/mediawiki-extensions-shortdescription

Affected ranges

Type
GIT
Repo
https://github.com/starcitizentools/mediawiki-extensions-shortdescription
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
bc4fdbaeb1dff127fb6d08c0d385b64aa128c8f8