PKSA-z45m-sh5c-325v Security Advisory
-
[MEDIUM] Non-jqueryMsg version of mw.message(…).parse() doesn't escape HTML
PKSA-z45m-sh5c-325v CVE-2020-25828 GHSA-h8qx-mj6v-2934
Affected package: mediawiki/core
Affected version: >=1.31.0,<1.31.9|>=1.34.0,<1.34.3|>=1.34.99,<1.35.0
Reported by:
GitHub, FriendsOfPHP/security-advisories