How the CVE Works:
The vulnerability arises from improper sanitization of a user-supplied value: the `shortdesc` page property, which the `ShortDescription` extension lets users set, is consumed by the Citizen skin for MediaWiki and inserted into the DOM as raw HTML. `CitizenComponentPageHeading.php` retrieves the unsanitized `shortdesc` value and passes it directly to the page-heading template, where it is rendered without escaping. An attacker who can edit a page can therefore inject JavaScript through a crafted short description, producing stored cross-site scripting (XSS) that runs whenever another user views the affected page.
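The following is an added example, not code from the Citizen skin or the ShortDescription extension. It reproduces the unsafe pattern described above (a stored `shortdesc` value concatenated into the heading template) beside a hardened version that escapes for HTML context, and adds a check a wiki administrator can run over stored values to find descriptions that already contain markup. The function names, the template markup, the sample page ids and the sample values are assumptions constructed for this example.

```php
<?php
// Added example: not the skin's or extension's own code. Function names,
// template markup and sample data are assumptions constructed here.

// Vulnerable pattern: the stored value is concatenated into the HTML
// template verbatim, so any markup it contains is interpreted by the browser.
function renderShortdescUnsafe(string $shortdesc): string {
    return '<div class="page-heading__description">' . $shortdesc . '</div>';
}

// Hardened pattern: escape for the HTML text context before insertion.
// ENT_QUOTES also escapes single quotes, so the result is safe inside
// attributes too; ENT_SUBSTITUTE replaces invalid UTF-8 instead of
// returning an empty string.
function renderShortdescSafe(string $shortdesc): string {
    $escaped = htmlspecialchars(
        $shortdesc,
        ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5,
        'UTF-8'
    );
    return '<div class="page-heading__description">' . $escaped . '</div>';
}

// Defender check: a legitimate short description is plain text, so a tag
// opener or an HTML entity in the stored value is suspicious and worth review.
function shortdescLooksLikeMarkup(string $shortdesc): bool {
    return (bool) preg_match('/<[a-zA-Z\/!]|&#?[a-zA-Z0-9]+;/', $shortdesc);
}

// Constructed sample rows standing in for stored "shortdesc" page properties
// (page ids and values are made up for this example).
$stored = [
    101 => 'A city in northern Italy',
    102 => "<script>alert('XSS')</script>",
    103 => 'Tom &amp; Jerry episode list',
];

foreach ($stored as $pageId => $value) {
    if (shortdescLooksLikeMarkup($value)) {
        echo "page $pageId: suspicious shortdesc: $value\n";
    }
}

// Side-by-side rendering of the script payload quoted in this post:
// the unsafe renderer emits it as a live <script> element, the safe
// renderer emits it as inert escaped text.
$payload = "<script>alert('XSS')</script>";
echo renderShortdescUnsafe($payload), "\n";
echo renderShortdescSafe($payload), "\n";
```

The escaping belongs at the point where the value enters the HTML template, not where it is stored: escaping on storage breaks other consumers of the property (search snippets, the API) and is easy to bypass through a second write path. The markup check is only a triage aid for values already stored before the fix was applied; the fix itself is the output escaping.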
DailyCVE Form:
Platform: MediaWiki (Citizen Skin)
Version: >= 1.9.4, < 3.4.0
Vulnerability: Stored XSS
Severity: High
Date: Jul 3, 2025
Prediction: Patch expected by Jul 10, 2025
What Undercode Say:
Analytics:
curl -s "https://github.com/StarCitizenTools/mediawiki-skins-Citizen"
grep -r "shortdesc" /var/www/mediawiki
Exploit:
{{SHORTDESC:<script>alert('XSS')</script>}}
Protection from this CVE:
- Update to v3.4.0
- Sanitize `shortdesc` input
- Enable CSP headers
Impact:
- Arbitrary JS execution
- Session hijacking
- Data theft
Sources:
Reported By: github.com
Extra Source Hub:
Undercode