Mediawiki · Mediawiki Visualeditor Extension · CVE-2019-19708
**Name of the Vulnerable Software and Affected Versions**
MediaWiki VisualEditor extension versions through 1.34
**Description**
The issue allows for XSS attacks via pasted content containing an element with a `data-ve-clipboard-key` attribute.
**Recommendations**
For versions through 1.34, update to a version that contains a fix for this issue.