starcitizentools/tabber-neue

Packagist2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting starcitizentools/tabber-neuepage 1 of 1

CVE-2025-21612HIGHCVSS 8.6EG 8.6✓ Fixed in 2.7.2
2025-01-06
vulnerable: v1.9.1 ... v2.7.1 (14 versions)
TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Prior to 2.7.2, TabberTransclude.php doesn't escape the user-supplied page name when outputting, so an XSS payload as the page name can be used here. This vulnerabili…
CVE-2025-53093HIGHCVSS 8.6EG 8.6✓ Fixed in 3.1.1
2025-06-27
vulnerable: v3.0.0, v3.1.0
TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the `<tabber…

Check whether starcitizentools/tabber-neue is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for starcitizentools/tabber-neue CVEs against the assets you own.

Start Free Scan →