---

CVE-2022-28202 - log back

CVE-2022-28202 edited at 12 Apr 2022 21:25:20
Remote	- Unknown + Remote
Type	- Unknown + Cross-site scripting
Notes	- needs more research

CVE-2022-28202 created at 06 Apr 2022 13:38:56
Severity	+ Medium
Remote	+ Unknown
Type	+ Unknown
Description	+ An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.
References	+ https://phabricator.wikimedia.org/T297543
Notes	+ needs more research