CVE-2022-28202

Name: CVE-2022-28202
Description: An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package   | Release                        | Version              | Status
mediawiki (PTS)  | stretch                        | 1:1.27.7-1~deb9u3    | vulnerable
mediawiki        | stretch (security)             | 1:1.27.7-1+deb9u11   | vulnerable
mediawiki        | buster, buster (security)      | 1:1.31.16-1+deb10u2  | vulnerable
mediawiki        | bullseye (security), bullseye  | 1:1.35.4-1+deb11u2   | vulnerable
mediawiki        | bookworm, sid                  | 1:1.35.6-1           | fixed

The information below is based on the following data on fixed versions.

Package    | Type    | Release     | Fixed Version  | Urgency  | Origin  | Debian Bugs
mediawiki  | source  | (unstable)  | 1:1.35.6-1     |          |         |

Notes

[bullseye] - mediawiki <postponed> (Fix along in next security release)
[buster] - mediawiki <postponed> (Fix along in next security release)
[stretch] - mediawiki <postponed> (Fix along in next security release)
https://phabricator.wikimedia.org/T297543
https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/YJNXKPV5Z56NSUQ4G3SXPDUIZG5EQ7UR/
