CVE-2017-20175 – DaSchTour matomo-mediawiki-extension Username Piwik.hooks.php cross site scripting

https://notcve.org/view.php?id=CVE-2017-20175

05 Feb 2023 — A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2 on MediaWiki. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The complexity of an attack is rather high. • https://github.com/DaSchTour/matomo-mediawiki-extension/commit/681324e4f518a8af4bd1f93867074c728eb9923d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •