CVE-2023-36675

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-36675
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-36675.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-36675
Aliases
Downstream
Related
Published
2023-06-26T01:15:09.203Z
Modified
2026-02-12T00:55:21.491716Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.

References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type
GIT
Repo
https://github.com/wikimedia/mediawiki
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
b8d14e9d292f1199b959b9ce26d99f72bf935406
Introduced
bc542ec6d8573dfb906b468901799e0017875f1e
Fixed
059c8e1b9a315c36ae827f929ea9a077acbba2eb
Introduced
c95fc4786beba034fa643062b98a60ccbde831fd
Fixed
c4075dfdbcb51df3c922aef582cf5b4091759595

Affected versions

1.*
1.39.0
1.39.1
1.39.2
1.39.3

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-36675.json"