> Wikibase >+ (T339111, CVE-2023-37302) - Style injection into badges on Wikidata due to unescaped quotes. > https://gerrit.wikimedia.org/r/c/933649 <https://gerrit.wikimedia.org/r/c/933649> > https://gerrit.wikimedia.org/r/c/933650
It should be noted that the description of this issue is incorrect. It is an XSS not just a style injection. -- bawolff
_______________________________________________ Wikitech-l mailing list -- [email protected] To unsubscribe send an email to [email protected] https://lists.wikimedia.org/postorius/lists/wikitech-l.lists.wikimedia.org/
