> Wikibase >+ (T339111, CVE-2023-37302) - Style injection into badges on Wikidata due to unescaped quotes. > https://gerrit.wikimedia.org/r/c/933649 <https://gerrit.wikimedia.org/r/c/933649> > https://gerrit.wikimedia.org/r/c/933650
It should be noted that the description of this issue is incorrect. It is an XSS not just a style injection. -- bawolff
_______________________________________________ Wikitech-l mailing list -- wikitech-l@lists.wikimedia.org To unsubscribe send an email to wikitech-l-le...@lists.wikimedia.org https://lists.wikimedia.org/postorius/lists/wikitech-l.lists.wikimedia.org/
