{"vulnerability": "ghsa-jfj7-249r-7j2m", "sightings": [{"uuid": "dc8edadd-0419-49fe-8ffa-4fc26a3aa35f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-JFJ7-249R-7J2M", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19754", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53093\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)\n\ud83d\udd39 Description: TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the `` tag. Version 3.1.1 contains a patch for the bug.\n\ud83d\udccf Published: 2025-06-27T17:43:24.107Z\n\ud83d\udccf Modified: 2025-06-27T17:43:24.107Z\n\ud83d\udd17 References:\n1. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/security/advisories/GHSA-jfj7-249r-7j2m\n2. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/4cdf217ef96da74a1503d1dd0bb0ed898fc2a612\n3. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/62ce0fcdf32bd3cfa77f92ff6b940459a14315fa\n4. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Components/TabberComponentTabs.php#L15-L31\n5. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Tabber.php#L76\n6. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/templates/Tabs.mustache#L1", "creation_timestamp": "2025-06-27T17:56:09.000000Z"}]}