Search for packages
purl | pkg:composer/wikimedia/parsoid@0.11.0 |
Vulnerability | Summary | Fixed by |
---|---|---|
VCID-3bm7-tmfe-aaar
Aliases: CVE-2021-30458 GHSA-5pqx-77vf-85rw |
An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x before 0.12.2. An attacker can send crafted wikitext that Utils/WTUtils.php will transform by using a <meta> tag, bypassing sanitization steps, and potentially allowing for XSS. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
Vulnerability | Summary | Aliases |
---|---|---|
This package is not known to fix vulnerabilities. |