{"id":"CVE-2021-45473","details":"In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL (aka a page-information sidebar).","aliases":["BIT-mediawiki-2021-45473"],"modified":"2026-04-10T04:41:30.338761Z","published":"2021-12-24T02:15:07.407Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7JNQA53K675TQBBJPZRAG5ZT6XES3IS/"},{"type":"ADVISORY","url":"https://gerrit.wikimedia.org/r/q/I3cd080a1a7dacd7396d37ee0c98cff0b4e241f8d"},{"type":"EVIDENCE","url":"https://phabricator.wikimedia.org/T294693"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wikimedia/mediawiki","events":[{"introduced":"0"},{"last_affected":"941a66dc1383997019ae80af87dea57dc4bd9c49"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.3.7"}]}}],"versions":["1.1.0","1.3.0beta1","1.3.3","1.3.4","1.3.5","1.3.6","1.3.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45473.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"35"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}