CVE-2025-62508 | StarCitizenTools mediawiki-skins-Citizen up to 3.8.x Sticky Header Button Message stickyHeader.js copyButtonAttributes cross site scripting (GHSA-g955-vw6w-v6pp)

A vulnerability was found in StarCitizenTools mediawiki-skins-Citizen up to 3.8.x and classified as problematic. Affected is the function copyButtonAttributes of the file stickyHeader.js of the component Sticky Header Button Message Handler. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2025-62508. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More