Kcnotes

**Name of the Vulnerable Software and Affected Versions** Bucket versions prior to 2.1.1 **Description** Bucket is a MediaWiki extension used to store and retrieve structured data on articles. A stored cross-site scripting (XSS) issue exists that allows malicious code to be inserted into any Bucket table field with a PAGE type. This code will execute when a user views the corresponding Bucket namespace page. **Recommendations** Update to Bucket version 2.1.1 or later.