Vulnerabilities > Mediawiki > RSS FOR Mediawiki

DATE CVE VULNERABILITY TITLE RISK
2022-05-02 CVE-2022-29969 Cross-site Scripting vulnerability in Mediawiki RSS for Mediawiki
The RSS extension before 2022-04-29 for MediaWiki allows XSS via an rss element (if the feed is in $wgRSSUrlWhitelist and $wgRSSAllowLinkTag is true).
network
low complexity
mediawiki CWE-79
6.1
6.1