> Wikibase
>+ (T339111, CVE-2023-37302) - Style injection into badges on Wikidata due to unescaped quotes.
> https://gerrit.wikimedia.org/r/c/933649
It should be noted that the description of this issue is incorrect. It is an XSS not just a style injection.
--
bawolff