CVE-2023-29134
Description
An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. There is mishandling of backticks to smartSplit.
CWE
- CWE-20 — CWE-20 Improper Input Validation
Affected
- n/a / n/a — v=n/a [affected]
CVSS
- (none)
References
- https://phabricator.wikimedia.org/T331362
- https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/898722
- https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/895774
- https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/900133
- https://phabricator.wikimedia.org/rECRG920f3c19a84175bcfe93f41ecf9f8cef32730f8e
Source
cvelistV5-main/cves/2023/29xxx/CVE-2023-29134.json