Skip to main content

CVE-2025-53369: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in StarCitizenTools mediawiki-extensions-ShortDescription

High
VulnerabilityCVE-2025-53369cvecve-2025-53369cwe-79
Published: Thu Jul 03 2025 (07/03/2025, 19:57:55 UTC)
Source: CVE Database V5
Vendor/Project: StarCitizenTools
Product: mediawiki-extensions-ShortDescription

Description

Short Description is a MediaWiki extension that provides local short description support. In version 4.0.0, short descriptions are not properly sanitized before being inserted as HTML using mw.util.addSubtitle, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 4.0.1.

AI-Powered Analysis

AILast updated: 07/03/2025, 20:24:31 UTC

Technical Analysis

CVE-2025-53369 is a high-severity cross-site scripting (XSS) vulnerability identified in the ShortDescription extension for MediaWiki, developed by StarCitizenTools. This extension provides local short description support for MediaWiki pages. The vulnerability exists in version 4.0.0 of the extension, where user-supplied short descriptions are not properly sanitized before being inserted into the DOM as HTML via the mw.util.addSubtitle function. This improper neutralization of input (CWE-79) allows any user with edit permissions to inject arbitrary HTML or JavaScript code into the page content. Because the vulnerability does not require authentication or user interaction to exploit, an attacker can execute malicious scripts in the context of the victim's browser simply by having the victim visit a compromised or maliciously edited wiki page. The CVSS v3.1 base score is 8.6, reflecting the network attack vector, low attack complexity, no privileges required, no user interaction, and high impact on confidentiality, with limited impact on integrity and availability. The vulnerability was patched in version 4.0.1 of the extension. No known exploits are currently reported in the wild. The affected versions include all releases from 4.0.0 up to but not including 4.0.1, and certain commit ranges specified in the metadata. This vulnerability is significant because MediaWiki is widely used for collaborative documentation and knowledge bases, and the ShortDescription extension is used to enhance page metadata. Successful exploitation could lead to session hijacking, defacement, or distribution of malware via injected scripts.

Potential Impact

For European organizations, the impact of this vulnerability can be substantial, especially for those relying on MediaWiki platforms for internal knowledge management, documentation, or public-facing wikis. Exploitation could lead to unauthorized disclosure of sensitive information (confidentiality impact) through session token theft or credential capture. The integrity of wiki content could be compromised by injecting misleading or malicious content, damaging organizational reputation and trust. Availability impact, while rated low, could occur if injected scripts perform denial-of-service actions on users or the wiki platform. Public sector entities, educational institutions, and enterprises using MediaWiki with the ShortDescription extension are at risk of targeted attacks aiming to disrupt operations or gather intelligence. Since the vulnerability requires no authentication, any user with edit access or potentially anonymous users (depending on wiki configuration) could exploit it, increasing the attack surface. The lack of known exploits in the wild suggests limited immediate risk, but the high CVSS score and ease of exploitation warrant prompt remediation to prevent future attacks.

Mitigation Recommendations

European organizations should immediately upgrade the ShortDescription MediaWiki extension to version 4.0.1 or later, where the vulnerability has been patched. If upgrading is not immediately feasible, organizations should implement strict input validation and sanitization at the application level to prevent injection of arbitrary HTML or scripts in short descriptions. Restricting edit permissions to trusted users can reduce the risk of exploitation. Additionally, enabling Content Security Policy (CSP) headers can help mitigate the impact of injected scripts by restricting the sources from which scripts can be loaded and executed. Regularly auditing wiki pages for suspicious content and monitoring logs for unusual editing activity can help detect exploitation attempts. Organizations should also educate users about the risks of clicking on untrusted wiki links and encourage the use of updated browsers with built-in XSS protections. Finally, maintaining an up-to-date inventory of MediaWiki extensions and their versions will facilitate timely vulnerability management.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-06-27T12:57:16.121Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6866e37a6f40f0eb729b8c3b

Added to database: 7/3/2025, 8:09:30 PM

Last enriched: 7/3/2025, 8:24:31 PM

Last updated: 7/3/2025, 9:21:36 PM

Views: 3

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats