CVE-2024-47536

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their "real name" to an XSS payload. This vulnerability is fixed in 2.31.0.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/d45c3d69f30863f622f16eb40dd41d3ca943454a/includes/Components/CitizenComponentUserInfo.php#L137	Product
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/717d16af35b10dab04d434aefddbf991fc8c168c	Patch
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/86da3e07718c8d8da6f4310386fef85599606f9b	Patch
https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-62r2-gcxr-426x	Vendor Advisory Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:starcitizen.tools:citizen:*:*:*:*:*:mediawiki:*:*

History

No history.

Information

Published : 2024-09-30 17:15

Updated : 2025-08-25 02:04

NVD link : CVE-2024-47536

Mitre link : CVE-2024-47536

CVE.ORG link : CVE-2024-47536

JSON object : View

Products Affected

starcitizen.tools

citizen

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-80

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

{"id": "CVE-2024-47536", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}], "cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.8, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-09-30T17:15:04.780", "references": [{"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/d45c3d69f30863f622f16eb40dd41d3ca943454a/includes/Components/CitizenComponentUserInfo.php#L137", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/717d16af35b10dab04d434aefddbf991fc8c168c", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/86da3e07718c8d8da6f4310386fef85599606f9b", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-62r2-gcxr-426x", "tags": ["Vendor Advisory", "Exploit"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-80"}]}], "descriptions": [{"lang": "en", "value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their \"real name\" to an XSS payload. This vulnerability is fixed in 2.31.0."}, {"lang": "es", "value": "Citizen es una interfaz de MediaWiki que hace que las extensiones formen parte de la experiencia cohesiva. Un usuario con el derecho editmyprivateinfo o que pueda cambiar su nombre de otra manera puede realizar un XSS a s\u00ed mismo configurando su \"nombre real\" en un payload XSS. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 2.31.0. "}], "lastModified": "2025-08-25T02:04:28.420", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:starcitizen.tools:citizen:*:*:*:*:*:mediawiki:*:*", "vulnerable": true, "matchCriteriaId": "B96F87E8-3484-4298-B353-339C87F02118", "versionEndExcluding": "2.31.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}