PKSA-2scp-v3wb-xcgz Security Advisory
-
[MEDIUM] mw.message.parse() accepts javascript: protocol in wikilinks
PKSA-2scp-v3wb-xcgz CVE-2020-25814 GHSA-4vr7-m8p8-434h
Affected package: mediawiki/core
Affected version: >=1.31.0,<1.31.9|>=1.34.0,<1.34.3|>=1.34.99,<1.35.0
Reported by:
GitHub, FriendsOfPHP/security-advisories